Question

All the information contained in the module mainly focused on network-based IDS or IPS. However, the logic behind these systems can apply to other types of systems designed to ensure physical security or application security. Physical security is an important component of cyber defense, and often, it is overlooked or not given the proper attention.

Research and find an example of either an intrusion detection (IDS) or intrusion prevention (IPS) system. The IPS or IDS system you select can be designed to protect at any layer (network, host, physical, etc.). Provide a brief summary of IDS or IPS system and a high-level overview of how it functions. (3-4 sentences). There are hundreds of products on the market today with a wide variety of features and tools and even some very popular open-sourced products.. Then, briefly describe what sets the tools apart from the rest of their competitors. (1-2 sentences).

Answer 1

Hi, I would love to solve out your problem. I hope you will be having a clear idea related to the IDS and IPS. So not wasting much time lets get started towards the questions.

We should have an example of the IDS (Intrusion Detection System) and IPS (Intrusion Prevention System) and a brief summary of its functioning and how it is different from the other competetors in the market, This is the main motive of our question and we should move ahead.

There are many IDS and IPS available inside the market wheter for the network , host or the physical security . We will be talking about the Snort which is an example of the Intrusion detection and prevention system, there are many others too but we will be talking of it .

Snort is a free open source Intrusion detection and prevention system which is currently developed by cisco. There are two types of the IDS which are network based and the host based. This works on the network based IDS and IPS this softare has the ability to detect the Buffer overflow, Cross-site scripting , OS fingerprinting and stealthy port scans, which may be very helpful in the prevention of the attacks by detecting them.

There are many products available imside the market and even from large tech giants too but some of them are paid for the premium versions and some of them are open source too. The snort is different in them as its capability of detecting the number of attacks is more and is even an open source product for use . Which may stand in for the competition inside the market.

Hope you would have got your answer , as you clearly mentioned the limits so this is it according to them.

Please like an answer if you like it and got to learn something and do comment for any queries.

Thanks and Happy to help :)

HAPPY LEARNING