Network Intrusion Prevention Systems (NIPs) can alert on abnormal, suspicious, or malicious patterns of network behavior, and take autonomous actions to stop the behavior, such as resetting a network connection.

Sections

ID	Name	Description
ME006	Web Access	A subject can access the web with an organization device.
ME009	FTP Servers	A subject is able to access external FTP servers.
ME010	SSH Servers	A subject is able to access external SSH servers.
PR021	Network Scanning	A subject conducts a scan of a network to identify additional systems, or services running on those systems.
IF020	Unauthorized VPN Client	The subject installs and uses an unapproved VPN client, potentially violating organizational policy. By using a VPN service not controlled by the organization, the subject can bypass security controls, reducing the security team’s visibility into network activity conducted through the unauthorized VPN. This could lead to significant security risks, as monitoring and detection mechanisms are circumvented.
IF011.001	Intentionally Weakening Network Security Controls For a Third Party	The subject intentionally weakens or bypasses network security controls for a third party, such as providing credentials or disabling security controls.