Firewalls and Intrusion Detection Systems

Firewalls and usurpation Detection SystemsArdeliza LansangTechnologies for usurpation Detection revolutionize both firewalls and assault detection systems argon used to monitoring device web handicraft and implement mesh figure out security policies. Research these technologies and determine how they ar similar and how they differ. Are both needed? Explain your answer in a short paper. (SNHU. n.d.)BRIEF INTRODUCTIONTechnology has enhanced our usable lives by providing us with innovations (e.g., stationary and portable devices). It has also developed mingled modes of communication theory (e.g., VOiP, video conferencing, email, SMS). These advancements digest allowed individuals and business the ability to remain attached with one another continuously and globally, regardless of time and space.Concurrently, the digital or development age has also produced serious vane c at a timerns and threats. The prevalent problems tend from phishing, scamming, cyber-bullying to co mmunicate services disruption (such as DoS, or denial of service), information or identity theft and information sabotage. Cyber or Internet crimes have resulted in diminishing or halting productivity. They have also caused victims to nourish physical, mental, emotional and financial loss.To counter ominous risks, various softw atomic number 18 and ironw are products have been manufactured to retard and combat unauthorized access to the network systems. Implementing the necessary security measures can eliminate or decrease the ongoing vulnerability to cyber violations. In addition to having a stable security infrastructure, it is of import to raise awareness of some(prenominal) threats among users and to remind them of their responsibilities toward maintaining security or how to work against malicious activities (e.g., secure password, keeping software and the OS current, safeguarding sensitive information, etc.)FIREWALLA firewall is a hardware or a software (or a crew of both ) that sits between a LAN and the Internet. Acting as a breastwork between a trusted and an untrusted network, its main function is to filter merchandise in a networked environment by engine block unauthorized or harmful activities and permitting authorized communications. By monitoring the incoming and outgoing network traffic, a firewall is fundamentally the first line of peripheral vindication against any intrusions. (Bradley.)A firewall not only enhances the security of a armament or a network but also protects and shields the applications, services, and machines that are attached to the network system. By checking data packets, it allows nonthreats to pass through. Conversely, it either drops, erases, denies or returns threats to the sender. (Sherman.)Types of firewalls mailboat filters Packet filtering is the offset of allowing or preserveing packets at a network interface by checking destination port number source and destination addresses, and/or protocols. In a softw are firewall, a packet filter program examines the pass of each packet based on a specific destiny of rules and is either passed (called ACCEPT) or prevented (called DROP). (TechTarget.com.)Stateful oversight This firewall technology (also referred to known as impulsive packet filtering, monitors the state of active connections. Based on this information and by analyzing packets down to the application layer, it determines which network packets to permit passage through the firewall. It monitors and tracks communications packets over a length of time. (TechTarget.com.)Proxys Proxy firewalls, in combination with stateful inspection firewall perform deep application inspections (e.g., layer 7 protocols such as HTTP, FTP). Unlike stateful firewalls which cannot inspect application layer traffic, proxys can prevent an HTTP-based clap. This answer is achieved by making the firewall act as a proxy, i.e., after the thickening opens a connection to the firewall, the firewall opens a separate connection to the server on behalf of the client (without the clients knowledge). (TechTarget.com.)Benefits of firewallProtects against routing-based attacksControls access to systemsEnsures privacyDrawbacks of firewallDifficult to configurePossibility of blocking nonthreats or useful servicesCould allow back door attack (via modem access)No antivirus protectionPossible performance problems (or, cause potential bottleneck) security measures tends to be concentrated in a item-by-item spotviolation DETECTION SYSTEMS (IDS)An IDS can also be software- or hardware-based, such as a separate computer, that monitors network occupation in a single computer, or a specific network or multiple networks deep down a WAN. It attempts to identify and evaluate a suspected intrusion once it has occurred by signaling an alarm and trying to stop it. It is akin to a smoke detector that raises an alarm at the signs of threat. (Pfleeger and Pfleeger.)It oversees traffic by identifying pattern s of activity and comparing the information to attacks that are already listed in the IDS database. For example, detected anomalies are compared with normal levels, i.e., a high level of or a braid in packet size or activity could mean a hacking attack. The technology is typically use to enforce corporate policy and are not configured to drop, delete or deny traffic. It primarily gene range monition signals or alarms. (Sherman.)IDS can be network based or host basedNIDS (Network Intrusion Detection Systems), which are placed at a strategic point or points within the network, oversee inbound and outward-bound traffic among all devices on the network. In this system, anti-threat software is installed only at specific servers that interface between the external environment and the interior network. (TechTarget.com.)HIDS (Host Intrusion Detection Systems), which are conducted on individual hosts or devices on the network, monitor the incoming and outgoing packets from the device only and will signal an jovial when suspicious activity is identified. In this system, anti-threat applications (e.g., firewalls, antivirus and spyware-detection software) are installed on every computer connected to the network system and that has access to the Internet. (TechTarget.com.)Benefits of IDSEnables the detection of external hackers and internal network-based attacksCan be scaled easily, providing protection for the entire networkAccommodates in-depth defenseAllows an additional layer of protectionDrawbacks of IDSProduces false reports (positives and negatives)Acknowledges attacks but does not prevent themExpensive to implement, requiring full-time monitoring and highly-skilled staffRequires a complex event-response processUnable to monitor traffic at higher transmission ratesProduces a tremendous amount of data to be analyzed open to low and slow attacksCannot deal with encrypted network trafficCONCLUSIONBoth firewall and IDS complement one another. While a firewall limits network access to prevent intrusions or watches out for intrusions to prevent them from occurring, it does not signal an attack from within the network the way an IDS does. While a firewall can block traffic or connection, IDS cannot. It can only alert any intrusion attempts. It monitors attacks and evaluates intrusions that are specifically designed to be overlooked by a firewalls filtering rules. A firewall is analogous to a security guards or personnel at the provide and an IDS device is a security camera after the gate. Another similitude that can be used is that a firewall is akin to installing locks on doors to prevent intrusion IDS is installing security systems with alarms. (TechTarget.com.)ReferencesBarbish, J. J. (n.d.). Chapter 29. Firewalls. Retrieved on March 6, 2017 from https//www.freebsd.org/ doctor/en_US.ISO8859-1/books/handbook/firewalls.htmlBradley, T. (August 21, 2016). Introduction to Intrusion Detection Systems (IDS). Retrieved on March 6, 2017 from https// www.lifewire.com/ interpolation-to-intrusion-detection-systems-ids-2486799 loss between Firewall and Intrusion Detection System. (n.d.). Retrieved on March 10, 2017 from http//www.omnisecu.com/security/infrastructure-and-email-security/difference-between-firewall-and-intrusion-detection-system.phpFirewall. (n.d.). Retrieved on March 10, 2017 from http//searchsecurity.techtarget.com/definition/firewallFirewalls. (n.d.). Retrieved on March 10, 2017 from http//csc.columbusstate.edu/summers/Research/NetworkSecurity/security/firewalls.htmGattine, K. (n.d.). Types of firewalls An introduction to firewalls. Retrieved on March 10, 2017 from http//searchnetworking.techtarget.com/tutorial/Introduction-to-firewalls-Types-of-firewallsHIDS/NIDS (host intrusion detection systems and network intrusion detection systems). (n.d.). Retrieved on March 10, 2017 from http//searchsecurity.techtarget.com/definition/HIDS-NIDSIDS/IPS Pros and Cons. (n.d.). Retrieved on March 10, 2017 from http//flylib.com/b ooks/en/2.352.1.16/1/Kurose, J. F., Ross, K. W. (2013). Computer Networking A Top-Down Approach, 6th Edition. MBS Direct. Retrieved from https//mbsdirect.vitalsource.com//books/9780133464641/Pfleeger, C.P. and Pfleeger, S.L. (March 28, 2003). Security in Networks. .). Retrieved on March 10, 2017 from http//www.informit.com/articles/article.aspx?p=31339seqNum=5Sherman, F. (n.d.). The Differences between a Firewall and an Intrusion Detection System. Retrieved on March 10, 2017 from http//smallbusiness.chron.com/differences-between-firewall-intrusion-detection-system-62856.htmlShort Paper/Case debate Analysis Rubric. (n.d.). Retrieved on January 7, 2017 from https//bb.snhu.edu/webapps/blackboard/content/listContent.jsp?course_id=_107231_1content_id=_14552222_1