Host Intrusion Prevention Best Practices

As stated in Chapter 10, “Deploying Host Intrusion Prevention,” host intrusion prevention (CSA) is the last line of defense in a computer attack. The perimeter can do everything it's designed to do, and do it correctly, but there are still day-zero attacks that use valid traffic to exploit your hosts and servers. Therefore, host intrusion prevention should be viewed as being as important as perimeter security devices.

Remember that host intrusion prevention might stop processes and programs that are acting badly. Be sure that you have given CSA a chance to tell the difference between good and bad device behavior, which is why it is important to deploy CSA correctly. You must put your applications ...

Get Securing Your Business with Cisco ASA and PIX Firewalls now with the O’Reilly learning platform.
