A device used mainly in enterprise networks is the “intrusion prevention system”, which is another form of firewall installed at the network’s edge. This device is typically set up between the modem and the router that normally serves as the network’s edge, to protect the network from outbound and inbound Internet-based attacks.
Increasingly, as most home networks acquire more devices and more of these devices are programmed with firmware that isn’t “written for security”, intrusion prevention systems are being seen as necessary for home and small-business networks.
Itus Networks are working on one of these devices and optimising it for the home network, so that it is as secure as a similar device used in Enterprise America but is more cost-effective and can be managed by most householders. The iGuardian product is intended to go between the router and the modem to analyse outgoing and incoming traffic for malicious activity and block such activity based on community or commercial “Snort-form” rulesets.
But this form factor wouldn’t work well with the modem-router which is the way to go for most DSL services, where the modem and router are in one box. Personally, I could see the “intrusion prevention system” become an included feature with high-end routers that are pitched at “enthusiast” consumers, SOHO users or small businesses rather than the low-tier routers sold to most consumers.
Similarly, a functionality gap exists where other devices on the network could be at risk of intrusion caused by one network device without any Internet involvement.
As well, I find that these devices may not be accepted for most home networks because they may be difficult to operate unless you have a lot of competence with business-grade computing. This may be due to issues like a lack of “task-based” or “simple-language” design.
At the moment, this device is showing that the concept of business-grade Internet security for the home network in the form of an “intrusion prevention system” is at its early stages, and a lot more work needs to be done to make a mature product for this class of network and the kind of operator that it will face.