1 / 7

Chapter 15 Cisco Secure Intrusion Detection

Chapter 15 Cisco Secure Intrusion Detection. Location of IDS Sensor Deployment. Interaction between IDS Sensor and Management Console. IDS Sensor. Sensor Response to Intrusions. No action Shun Block attack by creating ACLs dynamically Log TCP Reset. IDS Signatures.

mireya
Download Presentation

Chapter 15 Cisco Secure Intrusion Detection

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Chapter 15 Cisco Secure Intrusion Detection

  2. Location of IDS Sensor Deployment

  3. Interaction between IDS Sensor and Management Console

  4. IDS Sensor

  5. Sensor Response to Intrusions • No action • Shun • Block attack by creating ACLs dynamically • Log • TCP Reset

  6. IDS Signatures • Signatures supported by Cisco IDS appliances and IDSM (1000+) • http://www.cisco.com/cgi-bin/front.x/csec/idsAllList.pl • Signatures supported by IDS software in Cisco IOS router (< 100) • http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120t/120t5/iosfw2/ios_ids.htm#xtocid127

  7. Using a Router as the IDS Sensor Note: Cisco Secure IDS Director has been replaced by CiscoWorks VPN/Security Management Solution (CWVMS)

More Related