Understanding IDS and IPS for Network Security

Slide Note
Embed
Share

Enhance the security of your network with IDS (Intrusion Detection System) and IPS (Intrusion Prevention System) by monitoring traffic, inspecting data packets, and detecting malicious activities based on known signatures. Learn about different types like HIDS and NIDS, their functions, and tools used in practice to safeguard your network. Follow hands-on instructions for setting up Snort as an IDS on Windows.

brec932
brec932 Follow

Uploaded on Sep 23, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. NETWORK SECURITY LAB Lab 9. IDS and IPS

  2. Introduction IDS (Intrusion Detection System) and IPS (Intrusion Prevention System) increase the security level of network by: Monitoring traffic Inspecting and scanning data packets Inspection and detection is mainly based on the malicious signatures already recognized Flavors of IDS/IPS: Software and Hardware NIDS (Network IDS) HIDS (Host IDS)

  3. HIDS and NIDS HIDS: Any antivirus can be considered as a HIDS as it will alert the user the moment a suspicious file or activity is detected. Hosted on the device per-se Reports malicious activities immediately to the user. NIDS: Strategically placed in the network. All network devices such as servers, routers, access points and client computers can be inspected for any malicious activity. Performs regular network traffic analysis Can store information in Security Information and Event Management System (SIEM) Alerts the system admin on unusual activities at both inspection and network traffic routines

  4. NIDS Network Activity Monitoring NIDS: - Benchmarks & Rules can be configured

  5. HIDS HIDS: - - - Placed on a single host and not for network Keeps checkpoints for comparison Scans files, file system, logs and software and alerts for the changes as malicious activity

  6. Tools in practice - Industry is inundated with tools for IDS/IPS: - Snort - IBM Qradar (SIEM) - NG Secure Federated ID - FireEye MVX-IPS - McAfee Security Platform - NSFocus IPS - Secure works iSensor Intrusion Protection system

  7. Hands on - Follow the Instruction document in the folder Lab 9 IDS and IPS for the hands on: - Setting up Snort as IDS on Windows

Related


Understanding Intrusion Detection Systems (IDS) and Snort in Network Security

Understanding Intrusion Detection Systems (IDS) and Snort in Network Security

adrol
Update on AEEC IPS for Aeronautical Safety Services

Update on AEEC IPS for Aeronautical Safety Services

amend
Understanding P&IDs and Symbols in Process Engineering

Understanding P&IDs and Symbols in Process Engineering

veer
Understanding Security Onion: Network Security Monitoring Tools

Understanding Security Onion: Network Security Monitoring Tools

sadhbh
Understanding Devices and Network Security Implementation

Understanding Devices and Network Security Implementation

lilymay
Understanding Intrusion Detection Systems (IDS)

Understanding Intrusion Detection Systems (IDS)

leon_m
Comprehensive Overview of the Intelligence and Development Scales - Second Edition (IDS-2)

Comprehensive Overview of the Intelligence and Development Scales - Second Edition (IDS-2)

amarantha
Enhancing Discovery with OCLC Work IDs

Enhancing Discovery with OCLC Work IDs

ger_ash
Proposal for Network-Generated Device ID Scheme in IEEE 802.11

Proposal for Network-Generated Device ID Scheme in IEEE 802.11

kobe_hen
The Impact of Individual Placement and Support (IPS) in Employment

The Impact of Individual Placement and Support (IPS) in Employment

exne_ala
Signature-Based IDS Schemes for Heavy Vehicles

Signature-Based IDS Schemes for Heavy Vehicles

grer400
Understanding Linux User Capabilities and Namespace Management

Understanding Linux User Capabilities and Namespace Management

esa
Understanding Computer Network Addressing

Understanding Computer Network Addressing

gaston
Enhancing Cloud Security Through Virtual Machine Co-Migration for IDS Offloading

Enhancing Cloud Security Through Virtual Machine Co-Migration for IDS Offloading

acozz
Understanding Network Security: Hijacking, Denial of Service, and IDS

Understanding Network Security: Hijacking, Denial of Service, and IDS

sally
New Pattern Matching Algorithms for Network Security Applications by Liu Yang

New Pattern Matching Algorithms for Network Security Applications by Liu Yang

zahr_450
Understanding Intruders in Network Security

Understanding Intruders in Network Security

vic_ne
Comprehensive Review of IP Address Management Software at Shiraz University

Comprehensive Review of IP Address Management Software at Shiraz University

aza_mal
Understanding Investment Policy Statements in Portfolio Management

Understanding Investment Policy Statements in Portfolio Management

sgis
Implementation of Bus Transfer System in Thermal Power Plant - IPS-2024 Conference Highlights

Implementation of Bus Transfer System in Thermal Power Plant - IPS-2024 Conference Highlights

marceau
Efficient Interactive Proof Systems Overview

Efficient Interactive Proof Systems Overview

jag_bed
Cutting-Edge Analog IPs for High-Density SRAM and GPIO

Cutting-Edge Analog IPs for High-Density SRAM and GPIO

hzul
Efficient VM Introspection in KVM and Performance Comparison with Xen

Efficient VM Introspection in KVM and Performance Comparison with Xen

are_ru
BCA 601(N): Computer Network Security

BCA 601(N): Computer Network Security

danna

More Related Content