Header
Home | Set as homepage | Add to favorites
  Search the Site     » Advanced Search
Sections
Syndication


Blogroll:

||||| ALL Cisco-Network ARTICLES |||||  
CCIE Journey,
The CCIE Journey,

Home : Intrusion Detection System : Cisco Firewall/IDS IOS

Cisco Firewall/IDS IOS

Nov 26,2008 by admin

small font medium font large font
image

Cisco Firewall/IDS IOS

Introduction

When you start implementing intrusion detection in the corporate LAN, it isn't necessary to spend a lot on IDS sensors or IDSM blades. This is even truer for networks in small offices, which don't have the budgets of larger corporations. An affordable start with intrusion detection can be made using the Firewall/IDS feature set of IOS, which a growing number of Cisco router platforms now support. Because IOS-IDS runs on existing network hardware and uses Syslog for alarm notification, it complements the existing security infrastructure without the need for new hardware and Director software. The downside of using IOS-based IDS is that the capabilities of IOS-IDS are limited if you compare them with the IDS sensors or IDSM. The performance of the router may suffer under the processing load of IDS and the number of signatures supported is limited.

In this chapter, we will discuss these performance issues and look at the limitations of IOS-IDS, as well as explore which router platforms are capable of running IOS-IDS and the number of signatures the IOS identifies. We will learn how to configure IOS-based IDS, see how IDS takes action when under attack, and learn how to verify and monitor an IDS configuration.

In Figure 11.1, we see some of the ways Cisco IOS-IDS can be employed within your network. Company A is using Cisco IOS-IDS to protect its LAN from attacks originating on the Internet. Company B has put IOS-IDS to use to protect a Frame-Relay link to one of its branches. Company C is using Cisco IOS-IDS to protect the LAN from attacks originating on the Internet, but is also using IOS-IDS to protect a cluster of intranet web servers from attacks.

Click To expand
Figure 11.1: Cisco IOS-IDS Employment

454 times read

Related news
» Cisco Intrusion Detection
by admin posted on Nov 24,2008
» IOS Firewall—Intrusion Detection System Review
by alperen posted on Sep 16,2009
» Cisco Secure Intrusion Detection System
by alperen posted on Feb 24,2010
» Supported Router Platforms
by admin posted on Nov 26,2008
» Cisco Secure Intrusion Detection System Review
by alperen posted on Feb 26,2010
Did you enjoy this article?
1 2 3 4 5
(total 0 votes)

comment Comments (0 posted) 

More Top News
CCSP-Cisco Certified Security Professional
arrow Cisco SAFE Implementation
arrow Preparation Documents
arrow Exam Topics
arrow Skills Required for the Exam
arrow Cisco SAFE Implementation Questions and Answers
arrow Access Control Lists Cisco
arrow Access List Basics
arrow Standard Access Lists
arrow Verifying ACLs
arrow Extended Access Lists
arrow TCP Access Lists
arrow UDP Access Lists
arrow ICMP Access Lists
arrow Named Access Lists
arrow Signature and Alarm Management Review
arrow Signature and Alarm Management Review Questions and Answers
arrow Event Viewer
arrow Managing Alarms
arrow Event Viewer Customization
arrow Preference Settings
arrow Sensor Installation
arrow Connecting to Your Network Sensor Appliance
arrow Sensor Bootstrap
arrow Sensor Installation and Configuration Review
arrow Sensor Installation and Configuration Questions and Answers
arrow Signature and Alarm Management
arrow CIDS Signatures
arrow Signature Series
arrow Signature Implementations
arrow Signature Classes
arrow Signature Types
arrow Signature Severity
Most Popular
Most Commented
Featured Author

admin

image
<| Cisco Articles | Maximum Learning | All Cisco-Network Study Notes | Privacy Policy |>
If you think you own the material being used without permission, contact alperenmad[at]hotmail.com. material will be removed from the site.