Intrusion  Detection Systems (IDS) and Intrusion Protection Systems

InstructionsWrite 1 thread of at least 300 words. Then write 1 reply to the thread below of  at least 150 wordsResearch and develop a thread that compares and contrasts Intrusion  Detection Systems (IDS) and Intrusion Protection Systems (IPS). Your  thread must include: an introduction statement/paragraph, body  paragraph(s), and a conclusion statement/paragraph. ReplyWhen setting up a network and putting security measures in place it  is important to know what options are available and what they do. Having  a basic understanding of security principles and doing some research  will create a knowledge base that allows for the development and  installment of a layered and effective defense against outsiders that  would seek to maliciously interfere with the network. One important  aspect of a layered approach to security is the choice to use an  intrusion detection system (IDS) or an intrusion protection system  (IPS).Intrusion detection is process where the events and network  traffic within a computer or network are monitored and analyzed to look for possible intrusions (Hung-Jen et al., 2013). An IDS is the hardware  or software that automates intrusion detection (Hung-Jen et al., 2013).  An IPS goes beyond intrusion detection and provides controls with the  capability to block activity that is flagged as malicious (“What is”,  2019). Both an IDS and an IPS use signature-based detection and/or  anomaly-based detection to find possible intrusions (Hug-Jen et al.,  2013; “What is”, 2019).Signature-based detection compares network traffic and other  activity to known attack patterns and vulnerabilities to find intrusions  (“What is”, 2019). Anomaly-based detection samples network traffic and  compares the sample to predetermined baselines or profiles to flag any  anomalies (Hung-Jen et al., 2013; “What is”, 2019). An IDS will only  monitor the network or device to find malicious activity; an IPS will  perform control actions once malicious activity is found. These control  actions can include alerting administrators, dropping packets, blocking  incoming traffic from a specific source or sources, or even restarting a  connection (“What is”, 2019).Ultimately the choice between an IDS and an IPS is determined by  three factors: pre-existing security measures, cost, and the desired  level of automation. Pre-existing security measures may make a company  or individual feel secure and they may not see the need for an IDS or an  IPS in addition to what is already in place. With the added features  and functionality of an IPS the cost is likely to factor into a decision  between an IDS and an IPS because of budgetary restrictions. The  desired level of automation is also important to consider, a company or  individual may not to automate controls that deal directly with  malicious traffic, they may only want to flag malicious activity and  have manual controls in place to handle any incidents further.1 Corinthians 9:10 (NLT) “…Yes, it was written  for us, so that the one who plows and the one who threshes the grain  might both expect a share of the harvest.”. By this principle, those that invest in security will become more secure. Ecclesiastes 3:12-13 (NKJV) “I know that nothing is  better for them than to rejoice, and to do good in their lives, and  also that every man should eat and drink and enjoy the good of all his  labor—it is the gift of God.”.

Prof. Angela


Calculate Price

Price (USD)