Presentation is loading. Please wait.

Presentation is loading. Please wait.

NETWORK SECURITY LAB Lab 9. IDS and IPS.

Published byShana Ward Modified over 6 years ago

Similar presentations

Presentation on theme: "NETWORK SECURITY LAB Lab 9. IDS and IPS."— Presentation transcript:

1 NETWORK SECURITY LAB Lab 9. IDS and IPS

2 Introduction – IDS (Intrusion Detection System) and IPS (Intrusion Prevention System) increase the security level of network by: • Monitoring traffic • Inspecting and scanning data packets – Inspection and detection is mainly based on the malicious signatures already recognized – Flavors of IDS/IPS: – Software and Hardware – NIDS (Network IDS) – HIDS (Host IDS)

3 HIDS and NIDS • HIDS: Any antivirus can be considered as a HIDS as it will alert the user the moment a suspicious file or activity is detected. – Hosted on the device per-se – Reports malicious activities immediately to the user. • NIDS: – Strategically placed in the network. – All network devices such as servers, routers, access points and client computers can be inspected for any malicious activity. – Performs regular network traffic analysis – Can store information in Security Information and Event Management System (SIEM) – Alerts the system admin on unusual activities at both inspection and network traffic routines

4 NIDS – Network Activity Monitoring
- Benchmarks & Rules can be configured

5 HIDS HIDS: - Placed on a single host and not for network
Keeps checkpoints for comparison Scans files, file system, logs and software and alerts for the changes as malicious activity

6 Tools in practice - Industry is inundated with tools for IDS/IPS:
- Snort - IBM Qradar (SIEM) - NG – Secure Federated ID - FireEye MVX-IPS - McAfee Security Platform - NSFocus IPS - Secure works –iSensor Intrusion Protection system

7 Hands on - Follow the Instruction document in the folder Lab 9 – IDS and IPS for the hands on: - Setting up Snort as IDS on Windows

Download ppt "NETWORK SECURITY LAB Lab 9. IDS and IPS."

Similar presentations

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.
Intrusion Detection Systems By: William Pinkerton and Sean Burnside.

Intrusion Detection Systems By: William Pinkerton and Sean Burnside.
Access Control Chapter 3 Part 5 Pages 248 to 252.

Access Control Chapter 3 Part 5 Pages 248 to 252.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Presented by Justin Bode CS 450 – Computer Security February 17, 2010.

Presented by Justin Bode CS 450 – Computer Security February 17, 2010.
1.  To analyze and explain the IDS placement in network topology  To explain the relationship between honey pots and IDS  To explain, analyze and evaluate.

1.  To analyze and explain the IDS placement in network topology  To explain the relationship between honey pots and IDS  To explain, analyze and evaluate.
NETWORK SECURITY INTRUSION DETECTION SYSTEMS (IDS) KANDIAH.M Clarkson University, Potsdam, New York.

NETWORK SECURITY INTRUSION DETECTION SYSTEMS (IDS) KANDIAH.M Clarkson University, Potsdam, New York.
Snort - an network intrusion prevention and detection system Student: Yue Jiang Professor: Dr. Bojan Cukic CS665 class presentation.

Snort - an network intrusion prevention and detection system Student: Yue Jiang Professor: Dr. Bojan Cukic CS665 class presentation.
IBM Security Network Protection (XGS)

IBM Security Network Protection (XGS)
© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.

© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.
Log Analysis and Intrusion Detection By Srikrishna Gudavalli Venkata Naga Vamsi Krishna Ravi Kiran Yellepeddy.

Log Analysis and Intrusion Detection By Srikrishna Gudavalli Venkata Naga Vamsi Krishna Ravi Kiran Yellepeddy.
Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.

Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.
By Edith Butler Fall 2008. Our Security Ways we protect our valuables: Locks Security Alarm Video Surveillance, etc.

By Edith Butler Fall Our Security Ways we protect our valuables: Locks Security Alarm Video Surveillance, etc.
Host Intrusion Prevention Systems & Beyond

Host Intrusion Prevention Systems & Beyond
Intrusion Prevention System Group 6 Mu-Hsin Wei Renaud Moussounda Group 6 Mu-Hsin Wei Renaud Moussounda.

Intrusion Prevention System Group 6 Mu-Hsin Wei Renaud Moussounda Group 6 Mu-Hsin Wei Renaud Moussounda.
Department Of Computer Engineering

Department Of Computer Engineering
Network Intrusion Detection Systems Slides by: MM Clements A Adekunle The University of Greenwich.

Network Intrusion Detection Systems Slides by: MM Clements A Adekunle The University of Greenwich.
INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.

INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.
Intrusion Prevention, Detection & Response. IDS vs IPS IDS = Intrusion detection system IPS = intrusion prevention system.

Intrusion Prevention, Detection & Response. IDS vs IPS IDS = Intrusion detection system IPS = intrusion prevention system.
Security Guidelines and Management

Security Guidelines and Management

Similar presentations

Ads by Google