Comparative analysis of modern virtual network protection systems and their methodologies

DOI: 10.31673/2409-7292.2024.040007

Authors

  • О. Ю. Котляров (Kotlyarov O. Yu.), Lviv Polytechnic National University, Lviv
  • Л. Л. Бортнік (Bortnik L. L.), Lviv Polytechnic National University, Lviv

Abstract

This article studies modern virtual network protection systems and their methodologies, in particular SIEM, IDS/IPS, NGFW, EDR, CASB and CWPP. It substantiates the relevance of integrating these solutions into a single security ecosystem in the face of the growing complexity of multi-vector cyber threats. A comparative analysis of the protection systems is carried out against the criteria of functionality, performance, integration, scalability and cost. Particular attention is paid to the role of innovative approaches, such as behavioral analysis, machine learning and automation, which enable rapid, real-time detection of and response to threats. The article highlights the key advantages of modern solutions: NGFWs provide advanced traffic inspection and integrate IPS functions, while EDRs focus on deep analysis of behavioral anomalies. CASB and CWPP prove effective in protecting cloud environments by providing access control and workload protection. The combination of these technologies was found to create a comprehensive architecture that can adapt to changing threats. The study also emphasizes the importance of choosing between paid and free solutions depending on an organization's financial capabilities. Open-source systems such as Wazuh provide a basic level of protection, while premium solutions such as Splunk offer advanced features for large corporate networks. The scientific novelty lies in the systematic approach to comparing modern protection systems, which takes into account their functionality, cost and integration into the ISMS. The results contribute to a better understanding of how effective different technologies are in countering modern cyber threats and can be used to develop recommendations for implementing a multi-layered cybersecurity strategy in organizations.

Keywords: firewall, antivirus, traffic, virtual networks, cyber protection, cloud technologies.

Published

2024-12-21

Section

Articles