HIPS vs NIPS - What's the difference?

289    Asked by AndreaBailey in Cyber Security , Asked on Mar 30, 2022

Can we interchangeably deploy a HIDS or HIPS instead of a NIDS/NIPS, what would be the risks, for example you have Symantec EPS modules with HIPS policies enabled, how are they different from a traditional NIPS or HIPS?

Answered by Anil Jha

No, you cannot interchangeably deploy HIPS vs NIPS. They attack different subsets of the same problem. Most simply N* is limited to network inputs, whereas H* has access to a far richer set of inputs (files! processes! network listeners!) to be judgmental about (and has less network visibility, so usually doesn't have the rich network parsing and signature set that a N* does). See also Can Snort be configured as HIDS?. That said, if your concern is satisfying an auditor or security requirements that say HIDS/NIDS, then either will do - such requirements are often written solely with the goal of making sure you're taking extra steps to secure yourself, not with the goal of dictating one technology or another.



Your Answer

Online Course

Tutorials

Salesforce Tutorial

Software Testing Tutorial

SQL Tutorial

Business Analyst Tutorial

Devops Tutorial

Data Science Tutorial

AWS Tutorial

Hadoop Tutorial

SSRS Tutorial

AWS S3 Tutorial

Functional Testing Tutorial

SSAS Tutorial

Automation Testing Tutorial

Manual Testing Tutorial

Selenium Tutorial

Kubernetes Tutorial

Scala Tutorial

ETL Testing Tutorial

Python Tutorial

Pyspark Tutorial

R Tutorial

Unit Testing Tutorial

API Testing Tutorial

Puppet Tutorial

Integration Testing Tutorial

Chef Tutorial

Jenkins Tutorial

Ansible Tutorial

Vagrant Tutorial

Docker Tutorial

Interviews

Parent Categories

Copyright | JanBaskTraining.com