IPS Intrusion Prevention System
Although IPS devices are designed to block all known signature-based attacks, they also come with certain key features. IP reputation, DoS protection, and quarantine are essential features that should be present in every IPS device. While the capacities of IPS devices may show remarkably high values when looked at in datasheets, performance directly decreases when SSL comes into play.
In addition, high-algorithm cipher suites/TLS versions further strain these devices. Due to the very limited cipher suite support, compromising security may be necessary. Once all these factors are considered, costs unnecessarily escalate. Therefore, it is advisable to perform SSL decryption on an SSL Visibility Appliance. If you have an LTM deployed in route mode, redirecting the LTM-Server communication to HTTP and placing this device will provide similar protection.