Understanding IDS and IPS for Network Security

Slide Note
Embed
Share

Enhance the security of your network with IDS (Intrusion Detection System) and IPS (Intrusion Prevention System) by monitoring traffic, inspecting data packets, and detecting malicious activities based on known signatures. Learn about different types like HIDS and NIDS, their functions, and tools used in practice to safeguard your network. Follow hands-on instructions for setting up Snort as an IDS on Windows.

brec932
brec932 Follow

Uploaded on Sep 23, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. NETWORK SECURITY LAB Lab 9. IDS and IPS

  2. Introduction IDS (Intrusion Detection System) and IPS (Intrusion Prevention System) increase the security level of network by: Monitoring traffic Inspecting and scanning data packets Inspection and detection is mainly based on the malicious signatures already recognized Flavors of IDS/IPS: Software and Hardware NIDS (Network IDS) HIDS (Host IDS)

  3. HIDS and NIDS HIDS: Any antivirus can be considered as a HIDS as it will alert the user the moment a suspicious file or activity is detected. Hosted on the device per-se Reports malicious activities immediately to the user. NIDS: Strategically placed in the network. All network devices such as servers, routers, access points and client computers can be inspected for any malicious activity. Performs regular network traffic analysis Can store information in Security Information and Event Management System (SIEM) Alerts the system admin on unusual activities at both inspection and network traffic routines

  4. NIDS Network Activity Monitoring NIDS: - Benchmarks & Rules can be configured

  5. HIDS HIDS: - - - Placed on a single host and not for network Keeps checkpoints for comparison Scans files, file system, logs and software and alerts for the changes as malicious activity

  6. Tools in practice - Industry is inundated with tools for IDS/IPS: - Snort - IBM Qradar (SIEM) - NG Secure Federated ID - FireEye MVX-IPS - McAfee Security Platform - NSFocus IPS - Secure works iSensor Intrusion Protection system

  7. Hands on - Follow the Instruction document in the folder Lab 9 IDS and IPS for the hands on: - Setting up Snort as IDS on Windows

Related


Understanding Intrusion Detection Systems (IDS) and Snort in Network Security

Understanding Intrusion Detection Systems (IDS) and Snort in Network Security

adrol
Understanding P&IDs and Symbols in Process Engineering

Understanding P&IDs and Symbols in Process Engineering

veer
Understanding Security Onion: Network Security Monitoring Tools

Understanding Security Onion: Network Security Monitoring Tools

sadhbh
Understanding Intrusion Detection Systems (IDS)

Understanding Intrusion Detection Systems (IDS)

leon_m
The Impact of Individual Placement and Support (IPS) in Employment

The Impact of Individual Placement and Support (IPS) in Employment

exne_ala
Comprehensive Overview of the Intelligence and Development Scales - Second Edition (IDS-2)

Comprehensive Overview of the Intelligence and Development Scales - Second Edition (IDS-2)

amarantha
Enhancing Discovery with OCLC Work IDs

Enhancing Discovery with OCLC Work IDs

ger_ash
Understanding Computer Network Addressing

Understanding Computer Network Addressing

gaston
Signature-Based IDS Schemes for Heavy Vehicles

Signature-Based IDS Schemes for Heavy Vehicles

grer400
Understanding Linux User Capabilities and Namespace Management

Understanding Linux User Capabilities and Namespace Management

esa
Understanding Network Security: Hijacking, Denial of Service, and IDS

Understanding Network Security: Hijacking, Denial of Service, and IDS

sally
New Pattern Matching Algorithms for Network Security Applications by Liu Yang

New Pattern Matching Algorithms for Network Security Applications by Liu Yang

zahr_450
Understanding Investment Policy Statements in Portfolio Management

Understanding Investment Policy Statements in Portfolio Management

sgis
Implementation of Bus Transfer System in Thermal Power Plant - IPS-2024 Conference Highlights

Implementation of Bus Transfer System in Thermal Power Plant - IPS-2024 Conference Highlights

marceau
Efficient Interactive Proof Systems Overview

Efficient Interactive Proof Systems Overview

jag_bed
BCA 601(N): Computer Network Security

BCA 601(N): Computer Network Security

danna
Efficient VM Introspection in KVM and Performance Comparison with Xen

Efficient VM Introspection in KVM and Performance Comparison with Xen

are_ru
Comprehensive Course Review: Security Research Cornerstones at Carnegie Mellon University

Comprehensive Course Review: Security Research Cornerstones at Carnegie Mellon University

kol_lov
Enhancing Network Security with Software-Defined Snort and OpenFlow

Enhancing Network Security with Software-Defined Snort and OpenFlow

yazleenh
Strategy for Migration of CE & ST Assessee to GSTN

Strategy for Migration of CE & ST Assessee to GSTN

ame_p
Comprehensive Overview of Distributed Intrusion Detection System (DIDS)

Comprehensive Overview of Distributed Intrusion Detection System (DIDS)

cano_yah
Real-Time Data-Driven Network Security Workshop by Joe St. Sauver

Real-Time Data-Driven Network Security Workshop by Joe St. Sauver

liel_1
IPv6 Security and Threats Workshop Summary

IPv6 Security and Threats Workshop Summary

lori_4
Legal Framework on Information Security in the Ministry of Trade, Tourism, and Telecommunication

Legal Framework on Information Security in the Ministry of Trade, Tourism, and Telecommunication

joso_597

More Related Content

Network Slicing with OAI 5G CN Workshop Overview
Network Slicing with OAI 5G CN Workshop Overview
Understanding Snort: An Open-Source Network Intrusion Detection System
Understanding Snort: An Open-Source Network Intrusion Detection System
Understanding the Role of Security Champions in Organizations
Understanding the Role of Security Champions in Organizations
Understanding the Roles of a Security Partner
Understanding the Roles of a Security Partner
Progress of Network Architecture Work in FG IMT-2020
Progress of Network Architecture Work in FG IMT-2020
Enhancing Network Security Using Snort Virtual Network Function with DPI Service
Enhancing Network Security Using Snort Virtual Network Function with DPI Service
Understanding Weird Logs in Zeek for Network Security Analysis
Understanding Weird Logs in Zeek for Network Security Analysis
Overview of Computer and Network Security Fundamentals
Overview of Computer and Network Security Fundamentals
Cyber Threat Detection and Network Security Strategies
Cyber Threat Detection and Network Security Strategies
Understanding LXI Network Security in Industrial Environments
Understanding LXI Network Security in Industrial Environments
Modeling and Generation of Realistic Network Activity Using Non-Negative Matrix Factorization
Modeling and Generation of Realistic Network Activity Using Non-Negative Matrix Factorization
Guide to Grading and Rating Process for Chess Tournaments
Guide to Grading and Rating Process for Chess Tournaments
Lubbock Retail Integration Task Force – LRITF
Lubbock Retail Integration Task Force – LRITF
NYSITELL Testing Procedures and FAQs
NYSITELL Testing Procedures and FAQs
Transportation Network Modeling and Analysis with C.Coupled SE Platform
Transportation Network Modeling and Analysis with C.Coupled SE Platform
Patient Safety Issues in Merging Client IDs with FHIR Specifications
Patient Safety Issues in Merging Client IDs with FHIR Specifications
Network Compression Techniques: Overview and Practical Issues
Network Compression Techniques: Overview and Practical Issues
Understanding Transport Layer Security (TLS)
Understanding Transport Layer Security (TLS)
Understanding Security in World Politics
Understanding Security in World Politics
Meridian: An SDN Platform for Cloud Network Services
Meridian: An SDN Platform for Cloud Network Services
Understanding Computer Communication Networks at Anjuman College
Understanding Computer Communication Networks at Anjuman College
Revolutionizing Network Management with Intent-Based Networking
Revolutionizing Network Management with Intent-Based Networking
Understanding the Tor Network: An In-Depth Overview
Understanding the Tor Network: An In-Depth Overview
Analysis of Network Coordinate Systems and Security Vulnerabilities
Analysis of Network Coordinate Systems and Security Vulnerabilities