Cisco: Want security? You need IPS and WAF
From the 'real hardware for real threats' files:
My colleague Alex Goldman wrote a great story yesterday about Cisco's mid-year security report. Cisco's report (and the story) has a strong emphasis on what IT can do to better secure itself with best practices and awareness of threats, insider and otherwise.
One thing that report doesn't specifically call out is the need for hardware - specifically IPS (Intrusion Prevention System) and WAF (Web Application Firewall) technologies. It's something that I asked Patrick Peterson, Cisco fellow and Chief Security Researcher about (pic above left from a screen capture I took during the webcast) during a live webcast discussing the Cisco security report.
"In the report we talk specifically about vulnerabilities that are always present in a large organization and you can't be 100 percent protected from all the time. That's where IPS comes in," Peterson said. "The ability for IPS to be updated more quickly than you can thousands of PCs and be able to stop attacks is very valuable."