Intrusion Detection And Prevention

The famous proverb “Knowledge is power” is attributed (probably wrongly) to Sir Francis Bacon, one of the founding fathers of the modern science. Usually referring to the contribution of science to the progress in human well-being in modern times, it is often criticized on the grounds that it takes action and not just knowledge to achieve progress.

The world of information security presents a similar dilemma. In my previous post, “black cat, white cat”, I divided the world of security controls into black listing tools for detecting and preventing attacks and whitelisting tools enforcing policies. However this is not the only categorization one can make of security tools: an orthogonal categorization would be between passive controls, the “knowledge”, and active controls, the “action”. Is knowledge power? Are passive controls which provide us with information but do not take an action effective?

DragonSoft from Taiwan has introduced what they label a "Personal Web Application Firewall". The new product is essentially a low cost IIS plug-in and the "personal" label refers to the price rather than to some desktop protection. Since the press release itself mentions that the product is signature based, we at Xiom classify it as an IPS and not as a WAF in our product directory.