**Purpose**
-----------

This document outlines a strategy for providing IDS/IPS protection for applications running in AWS. Host-based IDS/IPS protection provides the following general capabilities and benefits:

1. Acts as an additional layer of security for Layer 3/Layer 4 traffic by scanning and analyzing suspicious content for potential threats.
2. Placed in the direct communication path, an IPS takes automatic action on suspicious traffic within the network.
3. Allows protection to scale automatically with the load.
4. Allows additional context available on the host to be used for anomaly detection.
5. Simplifies network design and operations.

**Implementation**
------------------

\[Host-based IDS/IPS\] will be installed on all hosts to provide IDS/IPS protection.