Intrusion Prevention Scanning
Information Technology Services uses Intrusion Prevention Systems (IPS) to help identify and prevent malicious activity on computers connected to a network.
These tools focus on identifying possible incidents (such as personal data release), then log information about the incidents and attempt to stop them.
In today's environment, where anti-virus software does not stop all threats and even legitimate Web browsing can lead to a compromise, utilizing IPS are an important part of securing the University's IT infrastructure.
IPS incident focus includes:
• controllers of botnets, trojans, and rootkits (advanced viruses)
• providers of malware (e.g., malicious advertisements on legitimate websites)
• scans or exploits typically not blocked by firewalls
• adware on spyware that may leak information
• Denial of Service (DOS) attacks Best Practices Provided for all of campus for all network traffic entering and leaving campus.