Importance of Security CCNP
Importance of Security
The Internet has indeed become the largest data network, enabling and facilitating both personal and industrial communications all over world. The traffic moving over the Internet, as well as commercial networks, is developing exponentially daily. Communication is taking place via electronic mail, mobile users, telecommuters, and regional offices are using the Internet to remotely connect to their business networks, and commercial communication completed over the Internet, via the WWW (World Wide Web).
The Internet has changed and greatly expanded according to the need of business, this wide network and its linked technologies have opened the door to an increasing number of security attacks from which companies must guard them. Network attacks are more serious when they are imposed upon businesses that store sensitive data, for example personal financial or medical records, sensitive data can be lost, privacy can be violated, and many hours, or even weeks, of network downtime can arise. In spite of the costly risks of potential security violates, the Internet can be one of the secure means by which to conduct business. Such that, giving credit card information over the phone or a waiter of restaurant can be more risky than submitting the information via internet, because e-commerce transactions are protected by security devices.
Telemarketers and waiters are not always trustworthy or monitored. Still the security threat problems can be harmful to businesses. This doubt can limit the business opportunities for organizations, especially those that are completely dependable on Web based technologies. Companies must pass security policies and install security measures that not only are effective, but are also distinguished as effective. Companies must be able to communicate how they plan to protect their clients.
Chapter 2 covers the security details the view that security is a continuing process and the security includes four stages: secure, monitor, test, and improve.
There are the four categories of security threats: Structured, Unstructured, Internal, External
There are the four different categories of attack: Reconnaissance attacks, Access attacks, Denial of service attacks, Worms, viruses, and Trojan horses
Management protocols and configuration management are an important part of securing a network.
Chapter 3 then specifies the sensor is bootstrapped by using the setup command.
Moreover it covers the Full CLI features are in IDS software versions 4.0 and higher, the CLI uses syntax almost same to that of the Cisco IOS software, the CLI offers all the essential functionality to configure and supervise the sensor and the CLI provides many commands to verify configuration and system information, backing up and restoring configuration.
Chapter 4 describes the different sensor models can have multiple monitoring interfaces and all monitoring interfaces use the similar configuration. For the sensor to monitor our networks we must enable the monitoring interfaces and assign them to the default virtual sensor. For an IPS sensor to operate in inline mode, we must configure two monitoring interfaces as a pair.
We can configure the sensor to monitor the flow of data across an interface and send a notification if the flow changes. The software bypass feature ensures that data continue to flow through the IPS sensor even if the Analysis Engine ceases to function.
Chapter 5 explains the Class and Policy Mapping and different Blocking Signatures (String TCP, TCP Rest, ICMP Flood, and Attack Risk Rating)
In the end, we briefly present the conclusions from this project and also the possible future improvements and additions for better design/implementation and investigation of “Securing Converged Network Using IDS/IPS”.
The Internet has indeed become the largest data network, enabling and facilitating both personal and industrial communications all over world. The traffic moving over the Internet, as well as commercial networks, is developing exponentially daily. Communication is taking place via electronic mail, mobile users, telecommuters, and regional offices are using the Internet to remotely connect to their business networks, and commercial communication completed over the Internet, via the WWW (World Wide Web).
The Internet has changed and greatly expanded according to the need of business, this wide network and its linked technologies have opened the door to an increasing number of security attacks from which companies must guard them. Network attacks are more serious when they are imposed upon businesses that store sensitive data, for example personal financial or medical records, sensitive data can be lost, privacy can be violated, and many hours, or even weeks, of network downtime can arise. In spite of the costly risks of potential security violates, the Internet can be one of the secure means by which to conduct business. Such that, giving credit card information over the phone or a waiter of restaurant can be more risky than submitting the information via internet, because e-commerce transactions are protected by security devices.
Telemarketers and waiters are not always trustworthy or monitored. Still the security threat problems can be harmful to businesses. This doubt can limit the business opportunities for organizations, especially those that are completely dependable on Web based technologies. Companies must pass security policies and install security measures that not only are effective, but are also distinguished as effective. Companies must be able to communicate how they plan to protect their clients.
Chapter 2 covers the security details the view that security is a continuing process and the security includes four stages: secure, monitor, test, and improve.
There are the four categories of security threats: Structured, Unstructured, Internal, External
There are the four different categories of attack: Reconnaissance attacks, Access attacks, Denial of service attacks, Worms, viruses, and Trojan horses
Management protocols and configuration management are an important part of securing a network.
Chapter 3 then specifies the sensor is bootstrapped by using the setup command.
Moreover it covers the Full CLI features are in IDS software versions 4.0 and higher, the CLI uses syntax almost same to that of the Cisco IOS software, the CLI offers all the essential functionality to configure and supervise the sensor and the CLI provides many commands to verify configuration and system information, backing up and restoring configuration.
Chapter 4 describes the different sensor models can have multiple monitoring interfaces and all monitoring interfaces use the similar configuration. For the sensor to monitor our networks we must enable the monitoring interfaces and assign them to the default virtual sensor. For an IPS sensor to operate in inline mode, we must configure two monitoring interfaces as a pair.
We can configure the sensor to monitor the flow of data across an interface and send a notification if the flow changes. The software bypass feature ensures that data continue to flow through the IPS sensor even if the Analysis Engine ceases to function.
Chapter 5 explains the Class and Policy Mapping and different Blocking Signatures (String TCP, TCP Rest, ICMP Flood, and Attack Risk Rating)
In the end, we briefly present the conclusions from this project and also the possible future improvements and additions for better design/implementation and investigation of “Securing Converged Network Using IDS/IPS”.