The present invention relates generally to the field of network security appliances and more specifically to intrusion prevention systems using a dynamic tuple mechanism.
Network access policy (NAP) defines the protection domain in an intrusion prevention system (IPS). IPS are network security appliances that monitor network and/or system activities for malicious activity. NAP binds the network attributes in the network traffic to a sequence of actions (e.g., packet inspection, web application control, URL filtering, etc.). Packet inspections keep track of the state of the network connection traveling across it.