Question

In: Computer Science

Why would businesses need to have both firewalls and IDS and IPS to protect security? Give...

Why would businesses need to have both firewalls and IDS and IPS to protect security? Give specific examples of features that firewalls can do but IDS/IPS cannot and also vice versa.

PLEASE EXPLAIN IN DETAIL, AND ALSO PROVIDE REFERENCES. THANK YOU.

Solutions

Expert Solution

Business need to have both firewall and IDS and IPS to protect security --

  • IDS stands for Intrusion detection system. and IPS stands for Intrusion prevention system.
  • IDS -- It is a software application which helps to analyze and moniter information system of the organization's network to identify security breaches, malcious activity and vulnerabilities.
  • For example -- Buffer overflow attack.
  • IPS - It is application that identify critical layer of defense which has important requirenment to protect and monitor network from harmful traffic like cyber threat which is passing through your firewall.
  • IDS/IPS - behind the firewall identify and catches thousands of threats which is passing through your firewall and also catch the threat and try to leave the network.
  • IDS/IPS should be updated regularly and make sure that it is being monitor 24 hours.
  • IDS/IPS store the information which is needed to be analyed and reporting at later date.
  • By using IDS/IPS, the organization can identify attempts by attackers to compromise system, data and applications by deploying network IDS.  
  • The IDS/IPS configure internal security policies at network level of the organization.
  • For example -- if you are using one VPN, then you can use the IPS to block the traffic.

Specific example of features can do but IDS/IPS can not --

  • The IPS identify and inspect request and be able to drop, alert and clean malicious network request which is based on the content.
  • And the Firewall block traffic based on the network information like - IP address, network protocol and network port. it make decision which is based on the state of network connection.
  • The traffic pattern of IDS/IPS is analyed wheras traffic pattern of firewall is not analyed.
  • The unauthorized traffic is blocked by the firewall.
  • and in IPS/IDS, unauthorized traffic is detected and and alert on detection on anomly.
  • Firewall allow permission and blocks traffic by the protocol rules.
  • In IPS/IDS, it has signature detection, zero day attacks, blocking the attack, monitoring and take action on anomly based detection.

Related Solutions

Focus on one of these network security solutions (e.g. VPN, firewalls, proxy server, IDS, etc.) and...
Focus on one of these network security solutions (e.g. VPN, firewalls, proxy server, IDS, etc.) and explain how it works in protecting against specific network attacks (e.g. DoS, floodings, intrusions, poisoning , jijacking, etc)
Discussing - Network Security a) Discuss the relative merits of traditional signature-based IDS/IPS technology with newer...
Discussing - Network Security a) Discuss the relative merits of traditional signature-based IDS/IPS technology with newer form, such as application awareness and anomaly detection. b) Discuss and develop a theoretical network architecture for a small business in the area that wishes to expand into new facilities, like a colocation center in the downtown area.
1) What are firewalls and intrusion detection systems? 2)Why are encryption applications an important security tool?...
1) What are firewalls and intrusion detection systems? 2)Why are encryption applications an important security tool? 3)What kind of budgeting does your job use? What are the pain points that management feels because of this? Where are you seeing the benefit, or the problems, that result, and would another budgeting model work better?
Why would someone need to use a call option? Give a scenario of why someone would...
Why would someone need to use a call option? Give a scenario of why someone would want to use one. Also, pick a stock that has a call option written on it and describe how it would benefit someone who would purchase a call option. Showing math is required.
29. Question 29 For added security you decide to protect your network by conducting both a...
29. Question 29 For added security you decide to protect your network by conducting both a stateless and stateful inspection of incoming packets. How can this be done? 1 point You must install 2 firewalls in series, so all packets pass through the stateless firewall first and then the stateless firewall. Install a single firewall that is capable of conducting both stateless and stateful inspections. Install a stateful firewall only. These advanced devices inspect everything a stateless firewall inspects in...
Would an organization need to apply security controls to allow safe use of those applications? Why...
Would an organization need to apply security controls to allow safe use of those applications? Why or why not?
Why are physical locks alone not a sufficient security control to protect organizational assets? How is...
Why are physical locks alone not a sufficient security control to protect organizational assets? How is the concept of "defense in depth" enforced with respect to physical security in a data center? How can insufficient climate controls in a data center affect the hardware?
Why have internationally operating criminal groups becoming an increased threat to both human and state security?
Why have internationally operating criminal groups becoming an increased threat to both human and state security?
We would expect that policies to protect workers would: Multiple Choice have no impact on unemployment....
We would expect that policies to protect workers would: Multiple Choice have no impact on unemployment. lead to less unemployment. affect those seasonally unemployed more profoundly than other unemployed workers. lead to greater unemployment.
Give a brief overview of airborne transmission and discuss how an imaging technologist would protect themselves.
Give a brief overview of airborne transmission and discuss how an imaging technologist would protect themselves.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT