Intrusion Prevention


Preventing Intrusions


Dealing properly with intrusions is an important part of security management. Preventing intrusions from happening in the first place is even better. The key to intrusion prevention is to know your network and implement the appropriate security measures. This could be a measure like disabling password-based logins, or installing a firewall to prevent some network traffic from reaching your systems.



Prevention & Detection


Intrusion prevention and detection are two separate processes, but they go hand in hand. When suspicious traffic (like a worm) is seen on the network, a preventative control should be activated to stop it from spreading to other network segments. Both intrusion prevention and intrusion detection therefore need the right focus, and should be properly prepared and configured. Only with the right tooling can you rely on the related controls.


System Hardening


Another area related to intrusion prevention is system hardening. By securing systems and limiting their default permissions and access, most attacks can be thwarted. It is similar to castles hundreds of years ago, which were fortified on the outside, surrounded by water, and fitted with gates. When the watchers at a lookout post discovered something, additional preventative controls were activated, like pulling up the bridge.