IDS (Intrusion Detection system)IDS is an acronym for Intrusion Detection System. An intrusion detection system detects intruders; that is, unexpected, unwanted or unauthorized people or programs on my computer network.
There are many forms of IDS. Network IDS and Host IDS are the example. Network IDS will Generally Capture all Traffic on the network Host will Capture Traffic for Individual Host IDS detects attempted attacks using Signature and Patterns much like an Anti Virus App will.
Anti Virus
Antivirus software (sometimes spelled Anti-Virus or anti-virus with the hyphen) are computer programs that attempt to identify, neutralize or eliminate malicious software. The term "antivirus" is used because the earliest examples were designed exclusively to combat computer viruses; however most modern antivirus software is now designed to combat a wide range of threats, including worms, phishing attacks, rootkits, Trojans, often described collectively as malware They will capture attempted Infections of Files or email, the general infection will be a Trojan and/or Virus/Malware.
Firewall
Not limited to a Perimeter of a Network, Firewalls can be Sophisticated. Firewall will scan TCP/IP packets based on Source and Destination then check again a list ( ACL ) and block/Allow traffic accordingly, some firewalls can provide Layer 7 Traffic Scanning ( Deep Packet Inspection) for instance rules can be setup for Applications.
A firewall has got holes to let things through: without it, you wouldn't be able to
access the Internet or send or receive emails. Anti-virus systems are only good at detecting viruses they already know about. And passwords can be hacked, stolen or left lying about on post-its.
That's the problem. You can have all this security, and all you've really got is a false sense of security. If anything or anyone does get through these defenses, through the legitimate holes, it or they can live on your network, doing whatever they want for as long as they want. And then there's a whole raft of little known vulnerabilities, known to the criminals, who can exploit them and gain access for fun, profit or malevolence. A hacker will quietly change your system and leave a back door so that he can come and go undetected whenever he wants. A Trojan might be designed to hide itself, silently gather sensitive information and secretly mail it back to source. And you won't even know it's happening - worse, you'll believe it can't be happening because you've got a firewall, anti-virus and access control.
Unless, that is, you also have an intrusion detection system. While those other defenses are there to stop bad things getting onto your network, an intrusion detection system is there to find and defeat anything that might just slip through
and already be on your system. And in today's world, you really must assume that things will slip through - because they most certainly will. From the outside, you will be threatened by indiscriminate virus storms; from hackers doing it for fun (or training); and more worryingly from organized criminals specifically targeting you for extortion, blackmail or saleable trade secrets.
From the inside, you will have walk-in criminals using social engineering skills to obtain passwords to, or even use of, your own PCs; from curious staff who simply want to see what their colleagues are earning; and from malcontents with a grievance.
What you really mustn't assume is that this is fanciful, or that you don't have anything worth stealing. According to experts in the field even something as basic as stored HR data on your employees is worth $10 per person on the black market. Search for 'FBI' on this site, and see the variety of attacks and dangers that exist; and how often there is a degree of success despite firewalls and antivirus and access control. You still need all of those defenses - but you also need an intrusion detection system.
Download Antivirus | Firewall Software
No comments:
Post a Comment