CCNA Security Quick Reference CHAPTER 5 Cisco IOS IPS
Friday, August 1st, 2008 | Study Guide
Cisco provides intrusion detection and prevention in a variety of ways in its current security portfolio. You might add this
powerful tool to your network via a dedicated hardware appliance known as a sensor, or you might add this functionality
using a network module inserted into a router or a switch. However you decide to implement the technology, the goal is
the same: to take some action based on an attack introduced to your network. This action might be to alert the network
administrator via an automated notification, or it might be to prevent the attack by dropping the packet at a device.
Intrusion Prevention Versus Intrusion Detection
Intrusion detection is powerful in that you can be notified when potential problems or attacks are introduced into your
network. Note, however, that detection cannot prevent these attacks from occurring, because it operates on copies of
packets. Often, these copies of packets are received from another Cisco device (typically a switch). Sensors that perform
intrusion detection in this way are said to be running in promiscuous mode.
Intrusion prevention is more powerful in that potential threats and attacks can be stopped from entering your network, or
a particular network segment. The sensor can prevent attacks because it operates inline with packet flows.
IPS/IDS Terminology
You should be aware of many security terms that are related to intrusion detection and prevention technologies.
