In this tutorial, Mark Pearce, EMEA channels & Strategic Alliances Director and Kevin Conway, Senior Security Architect, demonstrate some of the capabilities of the Enterasys Distributed IPS solution.
Many people use IPS solutions and/or internal firewalls to protect themselves from internal attacks and threat. One major issue with this is that it is entirely possible for the attacker to move to a different switch port on the network or connect to a different wireless access point and try again causing huge administrative overhead and headache for the IT Security team. In traditional IPS solutions, the point of detection and the point of enforcement are the same; they are an interface on the IPS appliance. This allows the IPS to detect and stop the attack but also leaves the attacker connected to the network and allows him to try further attacks.
A better approach would be to distribute the enforcement point to the network edge ports themselves. This is what Enterasys refers to as Distributed IPS, which was also explained in a post by our security solutions architect Dennis Boas.