Chapter 31: Combining Firewalls and IDS


Introduction

So far, we've discussed the concepts behind Intrusion Detection Systems (IDSs) and their basic configuration. Many of those topics covered very basic IDS functions; this chapter is dedicated to the more advanced features of IDS and to how powerful an IDS can be when combined with firewall technologies.

Both Snort (combined with various firewalls) and the Cisco PIX can perform the same extensive intrusion detection tasks. In this chapter, we discuss policy-based intrusion detection and inline intrusion detection. These are additional functions that Snort (combined with Iptables or Sun's firewalling capabilities) and the PIX can provide alongside their normal intrusion detection capabilities. By using some or all of these functions, you can leverage the capabilities of IDS and firewalls to help make your systems even more secure.

Policy-based intrusion detection and inline intrusion detection are simply variants of normal intrusion detection and differ only in their implementation. As always, intrusion detection is the concept of detecting intrusions on your systems or networks. Whether you're using standard signature-based intrusion detection techniques or anomaly-based intrusion detection, the result is the same—a more secure network environment.




The Best Damn Firewall Book Period
ISBN: 1931836906
EAN: 2147483647
Year: 2003
Pages: 240
