The first layer of protection is a stateful firewall placed at the entry to the internal network and data center. Its role is basic traffic filtering. It is also worth upgrading to a next-generation firewall (NGFW), which offers much more functionality than traditional systems. In an NGFW, the traditional method of filtering packets at the TCP or UDP port level has been replaced by Deep Packet Inspection (DPI). DPI checks both the headers of a packet and its contents, which can carry harmful data.
An IPS/IDS is another system that is recommended for the network, because it can detect different types of application attacks, such as SQL injection and XSS. Although signature-based IPS, which builds characteristic signatures from well-known vulnerabilities, is the type most commonly implemented in this region, there has recently been a push toward anomaly-based, i.e. behavior-based, IPS. Based on deviations from the standard state, this approach can detect suspicious traffic, or anomalies, which makes it possible to block attacks that target previously unknown vulnerabilities in the system. Although an IPS can be used as a standalone solution, it is increasingly integrated into the NGFW.
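
The difference between the two detection approaches can be seen in a small sketch. This is an added example, not code from the original text or from any IPS product: the signatures, the two features (length and share of special characters), the z-score threshold and all sample query strings are assumptions constructed for illustration.

```python
import re
import statistics

# Constructed benign query strings used to learn the "standard state".
BASELINE = [
    "id=17&page=2", "q=firewall+rules", "user=alice&lang=en",
    "id=203&sort=asc", "q=ngfw+datasheet&page=1", "category=network&id=9",
]

# Illustrative signatures for well-known SQL injection and XSS patterns.
SIGNATURES = {
    "sqli": re.compile(r"(?i)\bunion\b.+\bselect\b|'\s*or\s+'?1'?\s*=\s*'?1"),
    "xss": re.compile(r"(?i)<\s*script\b|\bonerror\s*="),
}

def signature_match(query):
    """Names of the signatures that match the query string."""
    return [name for name, rx in SIGNATURES.items() if rx.search(query)]

def features(query):
    """(length, share of characters that are not alphanumeric or & = +)."""
    special = sum(1 for c in query if not (c.isalnum() or c in "&=+"))
    return len(query), special / max(len(query), 1)

class AnomalyDetector:
    """Flags queries whose features deviate from the learned baseline."""
    MIN_STD = (1.0, 0.05)  # assumed floors so a constant feature still scores

    def __init__(self, samples, threshold=3.0):
        cols = zip(*(features(s) for s in samples))
        self.stats = [(statistics.mean(c), max(statistics.pstdev(c), f))
                      for c, f in zip(cols, self.MIN_STD)]
        self.threshold = threshold

    def score(self, query):
        """Largest z-score across the features."""
        return max(abs(v - m) / s for v, (m, s) in zip(features(query), self.stats))

    def is_anomalous(self, query):
        return self.score(query) > self.threshold

def classify(query, detector):
    """Return (signature hits, anomalous?) for one query string."""
    return signature_match(query), detector.is_anomalous(query)

if __name__ == "__main__":
    det = AnomalyDetector(BASELINE)
    for q in ["id=42&page=3", "id=1' or '1'='1", "data=" + "%41" * 40]:
        print(q[:40], classify(q, det))
```

The third sample matches no signature but is still flagged because it deviates from the baseline. The same property means a legitimate but unusual request can also be flagged, so the threshold needs tuning against real traffic.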