intrusion detection system
8/5/2010
Paul Apolinar
Christian Chavez
RJ Favila
Arni Paragas
Jessica Mayuga
Abegail Soñas
Defined by ICSA as:
The detection of intrusions or intrusions attempts either
manually or via software expert systems that operate on logs or other information available from the system or the network.
IT Security
When suspicious activity is from your internal network it can also be classified as misuse
Intrusion : Attempting to break into or misuse your system.
An intrusion is a deliberate, unauthorized attempt to access or manipulate information or system and to render them unreliable or unusable.
Intrusion Detection Systems are only one piece of the whole security puzzle
Intruders may be from outside the network or legitimate users of the network.
IDS must be supplemented by other security and protection mechanisms
They are a very important part of your security architecture but does
Intrusion can be a physical, system or remote intrusion. not solve all your problems
Part of “Defense in depth”
IDS are a dedicated assistant used to monitor the rest of the security infrastructure
Today’s security infrastructure are becoming extremely complex, it includes firewalls, identification and authentication systems, access control product, virtual private networks, encryption products, virus scanners, and more. All of these tools performs functions essential to system security. Given their role they are also prime target and being managed by humans, as such they are prone to errors.
Failure of one of the above component of your security infrastructure jeopardized the system they are supposed to protect
1
8/5/2010
Not all traffic may go through a firewall
It's like security at the airport... You can put up all the fences in the world and have strict access control, but the biggest threat are all the PASSENGERS (packet) that
Paul Apolinar
Christian Chavez
RJ Favila
Arni Paragas
Jessica Mayuga
Abegail Soñas
Defined by ICSA as:
The detection of intrusions or intrusions attempts either
manually or via software expert systems that operate on logs or other information available from the system or the network.
IT Security
When suspicious activity is from your internal network it can also be classified as misuse
Intrusion : Attempting to break into or misuse your system.
An intrusion is a deliberate, unauthorized attempt to access or manipulate information or system and to render them unreliable or unusable.
Intrusion Detection Systems are only one piece of the whole security puzzle
Intruders may be from outside the network or legitimate users of the network.
IDS must be supplemented by other security and protection mechanisms
They are a very important part of your security architecture but does
Intrusion can be a physical, system or remote intrusion. not solve all your problems
Part of “Defense in depth”
IDS are a dedicated assistant used to monitor the rest of the security infrastructure
Today’s security infrastructure are becoming extremely complex, it includes firewalls, identification and authentication systems, access control product, virtual private networks, encryption products, virus scanners, and more. All of these tools performs functions essential to system security. Given their role they are also prime target and being managed by humans, as such they are prone to errors.
Failure of one of the above component of your security infrastructure jeopardized the system they are supposed to protect
1
8/5/2010
Not all traffic may go through a firewall
It's like security at the airport... You can put up all the fences in the world and have strict access control, but the biggest threat are all the PASSENGERS (packet) that