| 1888 Articles Home | Internet & E Commerce Articles | Security Articles | Windows Articles | Security RSS |  |
||
Top Reasons to deploy an Intrusion Detection and Prevention System |
||||
|
An intrusion detection system is a perfect passive security solution that is especially designed to monitor all inbound and outbound network activity. |
||||||||||||
| Author: Alex Smith |
|
|||||||||||
An intrusion prevention system is considered to be a passive monitoring system the reasons are:
- An IDS product warns you of suspicious activity taking place of course not to prevent them.
- It essentially reviews your network traffic and data and identifies probes, attacks, exploits and other vulnerabilities.
- It can respond to the suspicious event in one of several ways which includes displaying an alert, logging the event or even paging the administrator.
- One may also find in some cases that it reconfigures the network to reduce the effects of the suspicious intrusion.
- It identifies any suspicious activity or events which is the result of a virus, worm or hacker and is done by looking for known intrusion signatures or attack signatures.
- The intrusion signatures characterize different worms or viruses and track the general differences which vary from regular system activity.
The IDS is a freely distributed open source program to offer much more expensive and secure vendor software appliances and sensor devices which are installed at different points of the network.
Based on the functionalities, an Intrusion Detection System has been categorized as under:
- Network and Host based detection
- Misuse and anomaly detection
- Passive and reactive systems
a) Network based IDS systems are often stand alone hardware appliances that include network intrusion detection capabilities. It consists of hardware sensors located at various points of the network or the software that is installed to the system computers to your network. It analyzes the data packet entering or leaving your network. HIDS do not offer true real time detection but detects properly when configured correctly.
b) Host based IDS are software agents installed on individual computers within the system. It analyses the traffic to and from the specific computer on which the intrusion detection software is installed on. Host based often provides such features that you cannot get in the network based IDS.
In misuse detection, the information is gathered and compared to large databases of attack signatures. It is like a virus detection system where detection software is only as good as the database of intrusion signatures that it uses to compare packets against. The anomaly detector monitors network segments to compare their state to the normal baseline and look for anomalies.
c) In a passive system, IDS detects a potential security beach, information logs and alert signals. In a reactive system, the IDS respond to the suspicious activities by logging off the user or by reprogramming the firewall to block the network traffics from the suspicious malicious source.
Therefore, no need to explain more why your system definitely needs the best intrusion prevention so that you can have the network security in your hands and can perform safely and protected.
About Author
Get 100% guaranteed cyber security with Intrusion detection systems, next generation firewall and Intrusion prevention software. Get more information about Intrusion Detection and Prevention System please logon http://www.sourcefire.com/
Article Source:
http://www.1888articles.com/author-alex-smith-293.html
Other Related Articles Complete Your Beach Bedding with the Right Pillow Covers by Clerisa Gomes How to Choose Beach Bedding and Bed Pillows for Your Bedroom by Clerisa Gomes A Guide to Choosing Organic Beach Bedding for Your Bedroom by Clerisa Gomes Top Reasons to deploy an Intrusion Detection and Prevention System by Alex Smith How to Choose Laundry Bags for Your Dorm Room by Clerisa Gomes Instant Approval Loans- Via online guidance by John Mike Tips for Buying Backpacks for Girls by Flavina Maria |
|
