NetworkClue.com
NetworkClue Home PageHome Contact UsContact ConsultingConsult
Bulletin Board
Internet Services covers Secrets to hosting websites, Hosting your own web server, and using DNS Servers.Operating Systems leads you through the decision of Linux vs. Windows, ideal installations and setups to create an efficient and redundant environment for your business, and great features to make management easier.Routing & Firewalls contains articles that will allow you to take control of your router. Learn how to protect your company with access lists and advanced firewall techniques.Hardware answers the common questions about Switches vs. Hubs, recommends SysAdmin Tools, and recommendations for adequate power protection.Utilities will cover fighting spam, using Anti-Virus programs effectively and the must haves for every administrator's software toolbox.

Firewalls
-Firewall Breakdown
-Cisco Access Lists
-DSL/Cable Routers
Cisco
Network Equipment
TCP/IP
Search
Amazon Search

Bulletin Board

Intrusion Detection

By Joshua Erdman
Digital Foundation, inc.

IDS, called Intrusion Detection System (for Cisco) is an advanced form of traffic analysis for firewalls. It is also called Stateful Inspection. Depending on the amount of security needed, it may not be enough to restrict access by port, source and destination. What if I allow the WHOLE internet access to my company's public FTP server (maybe for a free download), someone might know of a FLAW for that particular FTP server that could give them some special and unwanted access. This is where Stateful Inspection comes in.

Stateful Inspection is an amazing utility that knows all the valid commands to expect for your typical network services (SMTP, HTTP, FTP, DNS, etc). If you setup a Stateful Inspection firewall, it makes sure that only approved and correct commands are being used for each type of service. This is what you use to protect about know service vulnerabilities, such as buffer overruns.

Stateful Inspection firewalls are CPU intensive and expensive. You can get equipment from vendors such as Cisco (PIX Firewall or IDS feature set), Symantec, and Checkpoint.

Article last reviewed: 01/09/2006

Created by: Digital Foundation, inc.

Copyright © 2002-2005 Digital Foundation, inc. www.networkclue.com

All content of the NetworkClue website is copyrighted. Articles, notes, outlines, and all other materials may not be stored on the Internet or sold or placed by themselves or with other material in any electronic or printed format in whole or part. However materials may be referenced by links to the site.

 

Related Articles:
NAT Firewall
Packet Filter Firewall
Audit Trails
Cisco ACL Packet Filtering
   Firewall

Books: