Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analysis: Host Intrusion Prevention

 
 

A Host Intrusion Prevention system is relatively new endpoint-protection technology, but to a great extent it builds on existing security systems: From antivirus software HIPS retains virus protection. From anti-malware products, it has co-opted malware scanning. From network intrusion-prevention tools, it adopts network interface monitoring.

An enterprise with all these in place might justifiably wonder, why add another layer?


NETWORK ACCESS CONTROL
Immersion Center

NEWS | REVIEWS | BLOGS | FORUMS TUTORIALS | STRATEGY | MORE

But HIPS brings more to the table than the sum of its parts. Our testing and analysis show HIPS is quite possibly the most comprehensive desktop-protection product segment to date. No creditable vendor will promise to repel 100 percent of zero-day attacks, but HIPS technology can come close by using memory protection against buffer-overflow and heap exploits; by executing protection schemes to keep an attacker from building and executing code in a data segment; and by watching for unauthorized or unusual file access.

And in a time of proliferating attack vectors against machines that must stray from the relative safety of the internal network, HIPS brings new protections as well, giving IT the tools to identify and limit attack sources and shore up weak spots.

  • 1