Companies should seriously consider installing an IPS device.
Reacting to the mytob worm, which hit three London hospitals last week, Ash Patel, UK country manager at Stonesoft claimed that this demonstrated the need to have a good patch management solution.
However, Patel claimed that a preventative measure that had not been considered was an intrusion prevention system (IPS) device. Patel said: “An IPS can be used to condition malware and control Skype, instant messaging as it works more on a reactive basis and cross references on more of a DNA approach – meaning it can identify the load that the virus is carrying.
“It negates the need to update virus patching every half day or so and in a zero day gap, the IPS can integrate with the network access solution (NAC) system, if a section of the network is infected, an IPS can see it and communicate with the NAC to work with it and quarantine the section that is not working.
“The IPS is something people should consider as many people just see it as an anti-hacking method when it is so much more than that.”
With a large number of variants present every day, Patel claimed that the task is never ending for IT and security managers when it comes to being pro-active. Patel said: “No matter how good your protection is, when a virus comes into play you need to be pro-active but it does help to be reactive. You need to have systems to be proactive and it is helpful to be able to automate the process, test it and reduce the critical impact time it would have.”