We also recommend that it managers take a long, hard look at the changing security landscape. Security policy setting is likely to move up the food chain, with day-to-day security operations merging into the general IT department. Management tools that govern IPS devices are just as important as the "speeds and feeds" capabilities of the devices themselves.One of the most basic questions that must be answered before evaluating an IPS is how much traffic is on the network, both at the perimeter and in the data center. Most IPS makers offer a family of products for meeting a variety of needs, including devices with multigigabit speeds for data center use. Another factor that IT managers should consider before evaluating an IPS is the amount of change likely to occur in the network, especially changes in traffic types. The more that traffic types change, the more difficult it will be to effectively implement an IPS. Most security systems, from firewalls to VPNs, work better when network change is restricted. However, this holds especially true for IPSes: Because traffic filters must be changed when traffic is added to the network, an IPS could become a roadblock to fast network changes. Even so, we think network IPSes will have a positive impact on network security and ultimately make IT management easier. Senior Analyst Cameron Sturdevant can be contacted at firstname.lastname@example.org. Check out eWEEK.coms Security Center at http://security.eweek.com for security news, views and analysis. Be sure to add our eWEEK.com security news feed to your RSS newsreader or My Yahoo page:
The ability to securely distribute an update to IPS devices scattered throughout the enterprise, especially as the devices gain specialized protection features, will often depend on whether the IPS is installed at the network perimeter or inside the data center.