Efficiency of the Intrusion Prevention system


What's the best way for me to test or check if my Intrusion Prevention system is working?

Best Answer by Sumabat hath
Answered By 0 points N/A #115198


Also known as Intrusion Detection and Prevention systems, Intrusion Prevention Systems (IPS) are used in monitoring activities which are malicious in nature and which are also related to the network. Expected functions for an IPS include prevention and identification of malicious activities and stopping them from progressing further.

There are different methods to see if an IPS is in the active state or not. These are provided below:

  • Anomaly detection vs misuse detection: In the case of anomaly detection, the system administrator defines the baseline. The anomaly detector helps in monitoring the network segments and also compares their various states to the normal and prescribed baselines, and then looks for any anomalies. In the case of misuse detection, the IDS would use the information, comparing it with large databases containing attack signatures and analyzing them. The IDS would be looking at the specific details of already well-documented attacks. The misuse detection software or the virus detection system is good only if the database containing the attack signatures is good, as is the comparison procedure it performs against the packets.
  • Host-based systems vs network-based systems: In a host-based system, the focus is on the examination of the activities on each individual host or computer. However, in the case of a network-based system, the focus is on the analysis of individual packets which flow through the network. They can detect malicious packets with filtering rules, which could be simplistic.
  • Reactive system vs passive system: In a reactive system, the IDS reacts to malicious activities either by logging off or by programming the firewall, which in turn blocks the traffic from the network, especially from the suspected source. In the passive system, the IDS provides signals which alert the system that there is a potential security breach.
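As an added example, not part of the answer above, the following Python sketch contrasts the two detection modes and the two response modes the answer describes, run over constructed sample events: a misuse detector that matches packets against a small signature database, an anomaly detector that checks them against an administrator-defined baseline, and a reactive (block) or passive (alert) response. The signature patterns, baseline values and events are all hypothetical.

```python
import re
from dataclasses import dataclass


@dataclass
class Event:
    """One observed packet/connection (constructed sample, not real traffic)."""
    src: str
    dst_port: int
    payload: bytes
    size: int


# Misuse detection: a tiny stand-in for the attack-signature database.
SIGNATURES = {
    "sqli-union": re.compile(rb"union\s+select", re.I),
    "path-traversal": re.compile(rb"\.\./\.\./"),
}

# Anomaly detection: the baseline the administrator prescribes for the segment.
BASELINE = {"allowed_ports": {80, 443}, "max_size": 1500}


def misuse_detect(ev):
    """Compare the packet against the signature database (misuse detection)."""
    return [name for name, pat in SIGNATURES.items() if pat.search(ev.payload)]


def anomaly_detect(ev):
    """Compare the packet's state against the prescribed baseline (anomaly detection)."""
    reasons = []
    if ev.dst_port not in BASELINE["allowed_ports"]:
        reasons.append(f"unexpected port {ev.dst_port}")
    if ev.size > BASELINE["max_size"]:
        reasons.append(f"oversized {ev.size}")
    return reasons


def analyze(events, reactive=False):
    """Reactive: block the suspected source. Passive: only raise an alert."""
    results = []
    for ev in events:
        findings = misuse_detect(ev) + anomaly_detect(ev)
        if findings:
            action = "block" if reactive else "alert"
            results.append({"src": ev.src, "action": action, "findings": findings})
    return results


SAMPLE_EVENTS = [  # constructed sample input
    Event("10.0.0.5", 443, b"GET /index.html", 420),           # benign
    Event("10.0.0.7", 80, b"GET /?id=1 UNION SELECT 1,2", 512),  # signature hit
    Event("10.0.0.9", 4444, b"\x00" * 10, 9000),                # baseline violation
]

if __name__ == "__main__":
    for r in analyze(SAMPLE_EVENTS, reactive=True):
        print(r)
```

Feeding the same events through both modes shows the difference the answer draws: the passive run only reports, while the reactive run returns a block decision for the same findings.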
Answered By 590495 points N/A #115199


Intrusion Prevention Systems [IPS] are also known by another term, Intrusion Detection and Prevention Systems [IDPS]. These are kinds of network security hardware that check network activities as well as system activities for any sign of malicious activity. Their main purpose is to detect any malicious activity and then create log information about it. After that they will try to stop or block the activity from progressing and then notify the administrator or the user about the detected activity.

IPS are considered extensions of IDPS because they both check system activities and network traffic for any malicious activity. The only difference is that an IPS can dynamically block and prevent the detected intrusion and can execute actions like dropping the malicious packets, sending an alarm, blocking the traffic from the offending IP address, and resetting the connection. It can also fix errors in the Cyclic Redundancy Check [CRC].

Intrusion Prevention Systems are classified into 4 types:

  • Network-based Intrusion Prevention System [NIPS] – checks the whole network for any suspicious traffic.
  • Wireless Intrusion Prevention Systems [WIPS] – monitors the wireless network.
  • Network Behavior Analysis [NBA] – inspects network traffic to find threats that create strange traffic flows, for example Distributed Denial of Service [DDoS] attacks.
  • Host-based Intrusion Prevention System [HIPS] – a software package that needs to be installed and can monitor a single host for malicious activity.
