Which ports to monitor with IPS?

Started by hushcoden, May 24, 2020, 12:16:35 PM

May 24, 2020, 12:16:35 PM Last Edit: May 24, 2020, 12:18:10 PM by hushcoden
I did search quite a lot but I couldn't find a definite answer: I've enabled IDS + IPS and I'm still not sure whether or not I should also monitor the WAN port or just LAN...

By searching about the subject, I did find some saying yes and others saying that it would make no sense, as the firewall will drop bad packets anyway...

I was hoping to get a definite answer from any of the security experts of the forum...

Tia.

That depends on what you want to protect against.

1. Attacks from evil outsiders?
2. Constrain compromised clients/malware?

Following the logic that you may want to drop an unwanted packet as early as possible, it's both interfaces if you consider 1 and 2 valid scenarios.