Many questions have been asked in regards to our companies’ security needs for our network. Deciding what we may need in terms of any hardware or software that could help to protect our assets. The purpose of this report is to offer recommendations as to what we should do to enhance our network security as well as explain what and why these components are in place. We will also examine what it means to have an intrusion and what we can do to circumvent that from happening. We will also determine what these security option will mean in terms of man power to monitor and maintain.
IPS, or Intrusion Prevention System, and IDP, or Intrusion Detection and Prevention systems are the tools that are being used to monitor the network for intrusion or general mischief that can plague a companies’ network. These intrusion monitoring tools can either be a passive system that is just watching and documenting the traffic for examination from the network security team. Active tools are the same tools that track and document the intrusion but have the added benefit of attempting to head off intrusions in process. The question was brought up if we still need a firewall to provide a defense against unauthorized intrusions. The answer to this question is absolutely and most definitely. The firewall acts as a perimeter defense against intrusion and is in place to protect the network. These work in conjunction with the IPS to protect the network. When a firewall is properly placed and maintained within the network the systems are much more secure than without it. A well placed firewall will ensure that the traffic will flow through the specific points creating a chokepoint for the data and allowing for the chance to analyze the data.
The personnel needed to monitor the system depends on what type of intrusion detection we choose to go with and the level of control we want to maintain over the reports that generate from the IDS. If we...