Why IDS/IPS should be used
Why IDS/IPS should be used?
F It’s a fact that while every network has a firewall, most still have an effect on network security issues. IT professionals are conscious of the need for extra protective technologies, and network tools vendors are worried to fill in the gap.
F IPS have been endorsed as cost-effective ways to drop malicious activities, to become aware of worm and virus attacks, to be responsible as a network sensing point, to support in fulfillment requirements, and to act as a network disinfecting agent.
In network security firstly consider Firewall. Firewalls is considered as a first level of protection in a network security architecture, acting as an access control application by allowing specific protocols (like HTTP, DNS, SMTP) to pass through a set of source and destination addresses. Essential to access policy enforcement, firewalls usually examine data packet headers to make traffic flow decisions. Generally, they do not inspect the entire data inside the packet and can’t detect or prevent malicious code attached within normal traffic. Moreover routers also offer some basic protection through packet filtering processes.
Firewalls and router based packet filtering are important components of an overall network security; they both are insufficient on their own. Network IDS products inspect the entire data of every packet flowing through the network to detect malicious actions. This data inspection technique provides packet analysis as compared to a router or a firewall. IDS (Intrusion Detection Systems) are effective when malicious threats are embedded in familiar protocols, like an HTTP session, which is not detected by firewall. The processing power required for an Intrusion Detection System is higher, when compared to a firewall application. Networks have made IDS products essential devices as security professionals strive to detect, inspect, and protect networks against malicious activities. Consequently, IDS products are placed outside and inside firewalls and are quickly in best practice secure network implementations.
I get this topic from Thesis of