Location: United States of America
Flowers: 0, Eggs: 0


Intrusion detection and prevention systems

Modern malware is increasingly finding its way past firewalls and virus scanners and threatens the corporate network from within. On the other hand, only special systems can help that search for attack patterns or anomalies in the LAN and possibly intervene themselves. But the use of intrusion prevention systems requires a sensible overall concept.

Intrusion detection systems (IDS) analyze the data stream in the LAN and report suspicious behavior; Intrusion prevention systems (IPS) also block a connection in the event of an attack.

Commercial IDS / IPS are available as virtual machines, appliances or firewall components. They are often based on open source software - which can also be operated independently.

IDS / IPS unfold their benefits only in a company-wide security concept that correlates and documents weak points and security incidents.

C.Computer networks have become dangerous places, firewalls and virus scanners are no longer effective against modern attacks on company LANs. The traditional protection against known threats at the transition between intranet and Internet as well as on the user's desktop fails because of the sophisticated methods of contemporary malware such as WannaCry or cleverly camouflaged, distributed denial-of-service attacks. It is therefore necessary to use an additional system in the intranet that monitors network traffic, reports suspicious activity and, if necessary, intervenes on its own to prevent anything worse.

The concept of such intrusion detection systems (IDS) is not new, but the products have meanwhile developed into versatile protection tools that give network administrators important insights into the flow of packets. They not only react to known behavior patterns with the help of signatures, but also recognize suspicious deviations from normal network traffic (anomalies). If such systems are also able to independently interrupt network connections if they have recognized them as dangerous or suspicious, they are referred to as intrusion prevention systems (IPS).

Read More: cisco intrusion prevention system
2020-08-10 18:04:58, views: 1203, Comments: 0

More articles

1 - 20 [ 137]