NIDS - Location o Inside Interior Firewall NIDS 2007 Wm....

Info iconThis preview shows pages 1–7. Sign up to view the full content.

View Full Document Right Arrow Icon
9/6/2007 1 Network Network Intrusion Detection System NIDS Wm. Arthur Conklin, PhD Assistant Professor Department of Information & Logistics Technology College of Technology Agenda o Definition o Placement o Information Discovered o Advantages o Limitations 2 2007 Wm. Arthur Conklin, PhD
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
9/6/2007 2 Definitions o Network Intrusion Detection System NIDS » The use of a sensor located on a common network segment to monitor and analyze traffic for signs of intrusion. o Network Based » Samples all traffic 3 2007 Wm. Arthur Conklin, PhD Location o Before Exterior Firewall 2007 Wm. Arthur Conklin, PhD
Background image of page 2
9/6/2007 3 Exterior to Firewall o Sees all traffic o Sensor can be targeted o Good to see what is hitting firewall 5 2007 Wm. Arthur Conklin, PhD Location o Inside DMZ 2007 Wm. Arthur Conklin, PhD
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
9/6/2007 4 In DMZ o Can see what exterior firewall is letting in o Can still be a target o Traffic levels 7 2007 Wm. Arthur Conklin, PhD
Background image of page 4
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Background image of page 6
Background image of page 7
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: Location o Inside Interior Firewall NIDS 2007 Wm. Arthur Conklin, PhD 9/6/2007 5 Inside DMZ o Most protected environment o Lowest traffic levels o Most sensitive data o Most likely to be segmented 9 2007 Wm. Arthur Conklin, PhD Challenges o Network Segregation o Traffic levels o Spanning Ports o Multiple ISP entry points 10 2007 Wm. Arthur Conklin, PhD 9/6/2007 6 Solutions o Use multiple NIDS o Determine correct points for each sensor o Size Sensors to network traffic o But multiple sensors = more complex aggregations of findings 11 2007 Wm. Arthur Conklin, PhD Advantages o Cost o Simplicity 12 9/6/2007 7 Limitations o Limited by location Network segmentation Core Network traffic levels o Encrypted Traffic Limitations Got to be able to read it 13 Questions 14 2007 Wm. Arthur Conklin, PhD...
View Full Document

This note was uploaded on 10/21/2011 for the course CIS 3351 taught by Professor Conklin during the Spring '11 term at University of Houston.

Page1 / 7

NIDS - Location o Inside Interior Firewall NIDS 2007 Wm....

This preview shows document pages 1 - 7. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online