Detecting network intrusions is no longer enough. No wonder: The lag between vulnerability announcement, patch release and exploit is shrinking like a cheap trade-show T-shirt.
The Blaster attack came only 25 days after the patch was released, and Sasser was even faster–18 days.
In March, the Witty worm struck a buffer-overflow vulnerability one day after the flaw was discovered.
Network IPSs (intrusion-prevention systems) can help keep your systems safe by identifying and blocking suspicious traffic.