The world of internet is a dangerous place. Our network and Information systems have always been a target of e-attacks. Despite the availability of numerous assessment tools on the internet, there has been an increase in the attempts to breach system security. Tools like Nmap and LOphtCrack have been trying to identify the problem, scan it and then fix the issues. Everybody uses firewalls to avoid any unauthorized access to their network? But, the main question here is, are these tools and firewalls enough to protect our data and systems?
Let us take a real life example, you bought a home theater system for your living room. After setting it up, you realize that you need to get new locks for your door because the old ones are not equipped with the latest version of data security mechanisms. You ask a locksmith to get them fixed for you, and in some days your door have new locks installed. You leave for a vacation with your family and when you return, the house is a complete mess. You realize that the home theater system is missing. After wiping your tears, you remember about a brochure, one of your friends gave you regarding the installation of the burglar alarming system. But, you threw it away thinking it was not relevant. Do you think you could have avoided the fiasco if you would have installed an alarming system?
This real life example is an analogy of what can happen with your network? The burglar might be looking at your network for a long time, and you may not even have an inch of an idea about it. Yes, firewalls have been doing what they are supposed to do, but, they can only guard your front doors, what if someone sneaks in through the backdoor? The list of threats is never ending. This is where the role of “Intrusion detection system” comes into play.
Now you might question what is an Intrusion Detection System?
Let’s start in layman terms, IDS is simply a security system that prepares and deals with the electronic attacks. This is done by collecting all the necessary information from different networks and systems and then analyzing it for all the possible security issues. An intrusion detection system can bring your mind to peace by dealing with the following things:
- It monitors and analyzes the activity on the systems.
- Keeping a check on the configuration of the system and their vulnerabilities.
- Tracking abnormal activities.
- Auditing the system.
- Identifying and reporting any alteration done to the data.
- Keeping a track on the user activity from the point of entry to the point where the security can be breached.
- Identify errors in system configuration.
Where do I install my IDS?
Although it depends upon the environment, there are certain points where the system is at highest risk. The most common places where an Intrusion Detection sensor can be placed are:
- Between the extranet and your network.
- Between the network and firewall, to diagnose any threat in case anyone tries to penetrate the firewall.
- In remote access environment
The basic idea of installing an IDS is to create a perimeter of your network and to track all the points from where your network can be accessed. Once these accessing points have been found The IDS sensors can be placed and configured to CMC(Central Management Console). The administrators have the access to login to this console and manage all the sensors. But, always be sure that the connection between the management console and the sensor is secure. After all, no one wants to lose their data.
Nothing comes easy, deploying an Intrusion Detection System demands a lot of research and generating plans. Once, done perfectly, it will give you immense benefits,. Remember; security is not just a patch that you implement once and become carefree. It is a rapidly altering concept which when neglected can lead to disastrous results. Once you decide to have an Intrusion Detection mechanism, find out what your needs are and where will you get it. If you have any doubts, do not hesitate to contact Noel Network and Pc Services, Inc. After all “prevention is better than cure.”