Discontinuing separate Intrusion Prevention/Intrusion Detection module in F-Secure Corporate clients

StevenGE

Hi, I am relying to this post: F-Secure will discontinue separate Intrusion Prevention/Intrusion Detection system (IPS/IDS) module in its endpoint protection software. Modern workstation versions of Microsoft Windows operating systems do not have many services open to network, and the ones that remain open are well hardened by Microsoft. Thus we have moved our efforts on protecting against attack vectors that are actively used. As the cyber security threat landscape evolves F-Secure wants to keep focus on developing current and future state-of-the-art techniques to battle against modern malware in its corporate endpoint security products. Intrusion Prevention/Intrusion Detection system will no longer be available in Client Security 12.10 version. Users can still configure IPS/IDS for older versions of Client Security from the Policy Manager Console. PSB Workstation 12.x releases will still include Intrusion Prevention/Intrusion Detection module but it will also be removed in the future releases. ------------------------------------------------------------------------------------------------------------ From my understanding, a Host-based intrusion detection/prevention system is a core component in "Security in depth". if someone is in the network and is trying to attack a station wouldn't a HIPS detect and block it? I am not sure to understand why it is being removed and what service will be able to replace this protection? thanks for more explanation. Steven