I just need your guys opinion about HIPS and pc firewalls. We have some servers (windows 2003 and 2008) that we need to further protect with either or both of above mentioned systems. This is just a recommendation from our IS deptt and we need to give them a reliable demo to see if this actually works. Basically the point is, our servers may (and in most cases will) run vulnerable services but we need to place some sort of pc based security solution that can stop malicious attempts. I know the requirement is bit vague but when i searched the internet, there were few pc based firewalls but i found very little information of any famous HIPS. But since we need to monitor applications behaviour (like http, sql etc) we need some sort of application level monitoring for malicious packets, and the biggest requirement of all, we need to customize or even create or own rules/signatures to prevent from attacks.
Now i know of snort, sorry for my 2 stupid questions
1) can it prevent from attacks also
2) can it be used ideally as HIPS ?
Anyone has any suggestions for any powerful host based security solutions, almost impenetrablea :-)