Company detects and mitigates network threats before experiencing data loss or service interruption.

This case study describes why and how Cisco augmented its perimeter-based intrusion prevention system (IPS) deployment with network-based IPS in data centers. Although perimeter-based IPS sensors detect malicious traffic that traverses the company firewalls, they do not detect suspicious traffic that both originates and terminates within the company. Network-based IPS sensors at Cisco help protect the company’s most important assets, which reside within data centers.

This case study explains how the Cisco Computer Security Incident Response Team (CSIRT) uses the network-based IPS solution for monitoring and analysis and investigation. It also discusses the importance of tuning to reduce false positives while not generating false negatives.

Read the CSIRT Network-Based Intrusion Prevention System Case Study