Due date 8/4/ 2013 10:00 PM CST
- 4 pages of IPS and IDS in banking business network
- Review and describe the need for intrusion detection systems (IDS) and intrusion prevention systems (IPS).
- Discuss how they can effectively be used in a network operations setting.
- Ensure that there is an appropriate use of the IDS and IPS in the network diagram.
Network Intrusion Detection System IDS
Network Intrusion Prevention System IPS
Key Differences Between IDS & IPS
Connecting an IDS Device
Connecting an IPS Device
IDS & IPS Tuple Deployment
citation and references
You try to sell me answer not belong you just you copied it and pasted I will give a sample from you answer:
Network administrators tend to underestimate or overlook serious alarms, and sometimes they even reduce the sensitivity of the IDS. On the other hand, one single undetected intrusion can seriously undermine the confidence in the IDS.
In order to allow fast and reliable identification and analysis of new attack patterns and signatures, the application of so-called honeynets  has been proposed. Honeynets are artificial networks (i.e. networks with no real users or traffic) exposing computer systems (honeypots) openly (i.e. without full firewall protection) to attacks in a tightly controlled and monitored environment. Due to their comprehensive traffic and activity logging capabilities, honeynets can be used to gather statistical data on the number and type of attack attempts . In addition they allow in-depth forensic analysis (online and offline) of successful attacks to gain insight into the methods, strategies and motivations of attackers , . However, our own experience has shown that operating a honeynet requires a significant effort. Furthermore, the results obtained from a honeynet are not directly usable for intrusion detection purposes. Therefore, the benefits
of using honeypots and honeynets to support IDSs in production networks are
disputed in the IDS community.
The concept presented in this paper combines mechanisms from the areas of intrusion detection and intrusion response with honeynet mechanisms. The basic idea is to isolate systems generating suspicious (but not yet positively identified as malicious) traffic automatically in a tightly controlled honeynet environment for further observation before making a final decision. During this “quarantine”, harmless traffic from these systems is still forwarded to the production network to allow users to continue working while all potentially harmful traffic is contained within the honeynet. Thus, it is possible to reduce the number of false alarms without generating an unacceptable risk for the production network.
In section 2, the relevant characteristics of IDSs and honeynets will be discussed before presenting the proposed concept and its components in some detail in section 3. Section 4 presents a first prototype implementation which demonstrates the feasibility of the concept. Section 5 provides a summary and an
outlook on further work.
2 Features and limitations of IDSs and honeynets
Mobile terminals used both within private (enterprise) networks and outside while at home or travelling can only be partially controlled by the network administration. Therefore, they provide multiple entry points for malware and limit the efficiency of classical firewall concepts. To the same degree, the need to detect the violation of security objectives and to contain their impact increases. Intrusion detection and intrusion response systems are deployed to provide a way for dealing with these conditions by reporting observed incidents. The (additional) use of honeynets and honeypots has also been proposed to investigate new attack types.
I copied page 2 from this research paper