Terms you'll need to understand:
False positives, false negatives
True positives, true negatives
Host-based intrusion protection system (HIPS)
Network-based intrusion detection system (NIDS)
Profile-based intrusion detection (anomaly detection)
Signature-based intrusion detection (misuse detection)
Techniques you'll need to master:
Understanding IDS triggers
Recognizing intrusion detection evasive techniques
Describing the Cisco Secure Intrusion Detection System (CSIDS) environment
Understanding CSIDS communications
We saw in Chapter 2, "Introduction to Network Security," how the need for network security is growing and evolving with the increasingly open and interconnected nature of today's networks. In this chapter, we explore how IDS components work together to proactively secure the network environment against a backdrop of both amateur and sophisticated attacks.
This chapter provides an overview of intrusion detection concepts and the various methods employed to detect, monitor, and respond to network intrusions. This chapter will familiarize you with different IDS triggers, attack identification methods, and monitoring locations, as well as provide you with an overview of intrusion detection evasive techniques. It then describes the components of the Cisco IDS protection environment and how these parts work together to enforce a layered approach to network security.