Description of this paper

assignmentSC-1

Description

solution


Question

Due date 8/4/ 2013 10:00 PM CST;4 pages of IPS and IDS in banking business network;Review and describe the need for intrusion detection systems (IDS) and intrusion prevention systems (IPS).;Discuss how they can effectively be used in a network operations setting.;Ensure that there is an appropriate use of the IDS and IPS in the network diagram.;IDS/IPS Introduction;Network Intrusion Detection System IDS;Network Intrusion Prevention System IPS;Key Differences Between IDS & IPS;Connecting an IDS Device;Connecting an IPS Device;IDS & IPS Tuple Deployment;citation and references;Mr. AMERICA;You try to sell me answer not belong you just you copied it and pasted I will give a sample from you answer;Network administrators tend to underestimate or overlook serious alarms, and sometimes they even reduce the sensitivity of the IDS. On the other hand, one single undetected intrusion can seriously undermine the confidence in the IDS.;In order to allow fast and reliable identification and analysis of new attack patterns and signatures, the application of so-called honeynets [6] has been proposed. Honeynets are artificial networks (i.e. networks with no real users or traffic) exposing computer systems (honeypots) openly (i.e. without full firewall protection) to attacks in a tightly controlled and monitored environment. Due to their comprehensive traffic and activity logging capabilities, honeynets can be used to gather statistical data on the number and type of attack attempts [7]. In addition they allow in-depth forensic analysis (online and offline) of successful attacks to gain insight into the methods, strategies and motivations of attackers [6], [8]. However, our own experience has shown that operating a honeynet requires a significant effort. Furthermore, the results obtained from a honeynet are not directly usable for intrusion detection purposes. Therefore, the benefits;of using honeypots and honeynets to support IDSs in production networks are;disputed in the IDS community.;The concept presented in this paper combines mechanisms from the areas of intrusion detection and intrusion response with honeynet mechanisms. The basic idea is to isolate systems generating suspicious (but not yet positively identified as malicious) traffic automatically in a tightly controlled honeynet environment for further observation before making a final decision. During this ?quarantine?, harmless traffic from these systems is still forwarded to the production network to allow users to continue working while all potentially harmful traffic is contained within the honeynet. Thus, it is possible to reduce the number of false alarms without generating an unacceptable risk for the production network.;In section 2, the relevant characteristics of IDSs and honeynets will be discussed before presenting the proposed concept and its components in some detail in section 3. Section 4 presents a first prototype implementation which demonstrates the feasibility of the concept. Section 5 provides a summary and an;outlook on further work.;2 Features and limitations of IDSs and honeynets;Mobile terminals used both within private (enterprise) networks and outside while at home or travelling can only be partially controlled by the network administration. Therefore, they provide multiple entry points for malware and limit the efficiency of classical firewall concepts. To the same degree, the need to detect the violation of security objectives and to contain their impact increases. Intrusion detection and intrusion response systems are deployed to provide a way for dealing with these conditions by reporting observed incidents. The (additional) use of honeynets and honeypots has also been proposed to investigate new attack types.;I copied page 2 from this research paper;http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.68.8351&rep=rep1&type=pdf;Good Luck

 

Paper#72389 | Written in 18-Jul-2015

Price : $47
SiteLock