Sorry, you need to enable JavaScript to visit this website.
Skip to main content

Cisco Intrusion Prevention System

Product Type
Network and Network Related Devices and Systems
Product Status
Assurance Level
Protection Profile
Product Components
PS 4300 and 4500 series sensors (4345, 4360, 4510, and 4520); IPS hardware modules for ASA 5585-X (IPS SSP-10, SSP-20, SSP-40, and SSP-60); and IPS software modules on ASA 5500-X (ASA 5512-X, 5515-X, 5525-X, 5545-X, and 5555-X)
Product Description

The Cisco Intrusion Prevention System TOE consists of both hardware and software solutions used to identify, classify, and stop malicious traffic, including worms and network viruses, before they can affect network continuity.  The Cisco IPS is an independently-administered platform that can be deployed as modules within Cisco ASA firewalls, or as stand-alone appliances.   When the Cisco IPS detects violations to approved network traffic flows the various deployment options support real-time traffic inspection and logging, and/or applying traffic filtering rule changes to separate firewalls and routers, and/or in-line traffic filtering within the Cisco IPS device.  The Cisco IPS modules and appliances generate audit logs for IPS events as well as for system events including administrator authentication, administrative actions, and events related to encrypted channels used for remote administration and secure communication with external servers and devices. The IPS functionality is outside the scope of evaluation and was not tested. The development of an extended package to NDPP to cover IPS systems is in progress and expected to complete in March, 2014