Users Put Their HIPS Into ITUsers Put Their HIPS Into IT

Frustrated by the shortcomings of enterprise- and network-based intrusion prevention tools, many businesses are turning on their HIPS and heading in another direction.

That's the conclusion of our latest Dark Reading Insider report, "Host Intrusion Prevention Systems: Who's Doing What," which was published earlier this week. The report traces the emergence of HIPS products from the early days of the personal firewall to today's offerings, which often include such features as antivirus tools, content filtering, and access control as well as traditional firewall capabilities. The ability of HIPS to defend against attacks on remote and mobile devices is causing many enterprises to take a closer look at the technology, according to author John Sawyer. "Organizations are learning the hard way that security threats are no longer limited to attacks originating outside of the corporate firewall," says Sawyer in the report. "Mobile end users must take corporate assets, such as laptops, personal digital assistants (PDAs), cellphones, and even data, outside of the safe confines of the internal network. Unfortunately, corporate IT has no control over remote locations and cannot be sure of every threat mobile devices must face." HIPS, which operate on a host or end station, rather than behind the corporate firewall, are helping to address the mobile security problem, the report states. The emerging technology has a leg up on traditional enterprise IPS or network IPS products, which generally handle intrusion prevention for a large number of systems. While HIPS technology is becoming popular, it still needs some work, according to the report. Configuration issues, as well as integration with network access control (NAC), are still to be resolved. In addition to a discussion of HIPS technology, the report offers an in-depth look at about a dozen products and vendors currently on the market and offers suggestions on how to evaluate them. "Ultimately, every organization will need to implement some sort of HIPS solution," the report states. — Tim Wilson, Site Editor, Dark Reading