IPS on Endpoint vs. Firewall

Hi

Since Endpoint and XG IPS rules are beased on Snort rules, will the IPS protection on endpoint be suitable to replace IPS on the XG Firewall, at least for some networksegments?

 

Cheers

Phil

Parents
  • Hi Phil,

    Thank you for your question.

    We recommend to still use IPS on the XG Firewall. Threat protection is a layered approach, where having multiple layers gives additional protection.

    The main use case is for endpoints that are temporarily located outside the protected network, for example in a coffee shop. And as it also checks outgoing traffic, it is an additional protection in case an infection was missed, and a malware tries to infect other machines in the network.

    The first barrier still should be a Firewall based IPS, as this is capable of running much more rules than an endpoint.

    Best regards,

    Vince

Reply
  • Hi Phil,

    Thank you for your question.

    We recommend to still use IPS on the XG Firewall. Threat protection is a layered approach, where having multiple layers gives additional protection.

    The main use case is for endpoints that are temporarily located outside the protected network, for example in a coffee shop. And as it also checks outgoing traffic, it is an additional protection in case an infection was missed, and a malware tries to infect other machines in the network.

    The first barrier still should be a Firewall based IPS, as this is capable of running much more rules than an endpoint.

    Best regards,

    Vince

Children