Monday, March 23, 2020

Deployment of Firewall and Intrusion Detection and Prevention Systems

The combination of hardware and software that selectively allows communication between a computer and a network is known as a firewall (Fithen, Allen & Stoner, 1999). It inspects traffic during network communication and blocks or permits passage depending on a given set of rules. The term Intrusion Detection and Prevention Systems (IDPS) refers to both Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). Intrusion detection is the process of monitoring the activities occurring in a computer network and determining whether they violate standard security policies. The software that automatically carries out the process is known as an IDS. An IPS carries out the same intrusion detection process and can also try to stop the intrusion or violation (Scarfone & Mell, 2007).

Various firewall arrangements can be used for multitier applications accessible from the World Wide Web and from an internal network. Multitier web applications of moderate complexity are segmented into three tiers. The first tier is made up of the presentation components, which end users access directly. The second tier is composed of middleware components that execute the end users' requests; end users cannot access them directly. The third tier consists of data components. They are the most sensitive and are hosted by databases or directory servers.

Firewall deployment is based on three strategies. The first is the single firewall strategy, which is used to protect all three tiers from the internet and the internal network. All communication going in and out of the three tiers passes through a single firewall. The firewall offers equal protection to all the servers but can subdivide the network into different subnets and offer different protection levels to the subnets.
The firewalls-in-series strategy deploys several firewalls to eliminate reliance on a single firewall. The firewalls are deployed one behind another, so the more sensitive tiers sit behind more firewalls. For example, the data components tier would be behind both the firewall protecting it and the one protecting the middleware components and presentation components. The last strategy is the hybrid strategy, which uses only two firewalls. Either the presentation servers and middleware servers or the data servers and middleware servers are grouped together. Although two tiers are grouped together, they remain on dedicated subnets. In the first grouping, presentation servers and middleware servers are behind one firewall while data servers are behind two firewalls. All firewall arrangements are on the internal side of a router.

An IPS is always deployed inline, while an IDS can be deployed inline or out-of-band. When connected out-of-band, it uses a hub, a spanning port or a network tap. Deploying both IPS and IDS is more beneficial, and to do this a router must be introduced. The IPS is connected on the external side of the router and the IDS is connected on the internal side of the router, either inline or out-of-band (Pappas, 2008). The IDS placed on the inside of the edge router allows analysis of communication within the internal network.

The use of firewalls and IDPS is beneficial. Firewalls block network traffic that may violate the security policy of an organization. Such traffic may include viruses, spam, email bombs and unwanted material. IDPS detect and stop malicious incidents that would compromise the security of a given computer system. They can detect when an attacker has compromised the system and stop suspicious file transfers. By identifying reconnaissance activities, they can prevent imminent future attacks.
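The first grouping of the hybrid strategy described earlier, as an added Python example that is not part of the original essay: it models the two firewalls as default-deny rule sets and reports which firewalls a flow crosses and where it is dropped. All subnets, ports and names are constructed, and attaching the inner firewall to the middleware subnet is an assumption.

```python
from ipaddress import ip_address, ip_network

# Constructed addressing plan: one dedicated subnet per tier.
ANY = ip_network("0.0.0.0/0")
PRES, MID, DATA = (ip_network(n) for n in ("10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"))

# Each firewall has interfaces (name -> network routed out of it) and allow rules
# (source net, destination net, destination port). Anything else is denied.
# Assumption: the inner firewall hangs off the middleware subnet, so the outer
# firewall reaches the data subnet through its "mid" interface (10.0.2.0/23).
# Rules describe who may open a connection; replies are assumed to be stateful.
FIREWALLS = [
    {"name": "outer",
     "ifaces": {"wan": ANY, "pres": PRES, "mid": ip_network("10.0.2.0/23")},
     "allow": [(ANY, PRES, 443), (PRES, MID, 8080)]},
    {"name": "inner",
     "ifaces": {"up": ANY, "data": DATA},
     "allow": [(MID, DATA, 5432)]},
]

def iface(fw, addr):
    """Longest-prefix match of an address against a firewall's interfaces."""
    hits = [(net.prefixlen, name) for name, net in fw["ifaces"].items() if addr in net]
    return max(hits)[1]

def path(src, dst, firewalls=FIREWALLS):
    """Firewalls the flow must cross, outermost first."""
    s, d = ip_address(src), ip_address(dst)
    # A firewall only sees a flow whose endpoints sit on different interfaces.
    return [fw for fw in firewalls if iface(fw, s) != iface(fw, d)]

def evaluate(src, dst, port, firewalls=FIREWALLS):
    """Return ("allow", None) or ("deny", name of the firewall that dropped it)."""
    s, d = ip_address(src), ip_address(dst)
    for fw in path(src, dst, firewalls):
        if not any(s in a and d in b and port == p for a, b, p in fw["allow"]):
            return "deny", fw["name"]
    return "allow", None

if __name__ == "__main__":
    for flow in [("203.0.113.7", "10.0.1.10", 443),    # internet -> presentation
                 ("203.0.113.7", "10.0.3.5", 5432),    # internet -> data
                 ("10.0.2.20", "10.0.3.5", 5432)]:     # middleware -> data
        print(flow, [fw["name"] for fw in path(*flow[:2])], evaluate(*flow))
```

Appending an over-permissive rule to the outer firewall and re-running `evaluate` on the internet-to-data flow shows the drop moving to the inner firewall, which is the reason the data tier is placed behind two.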
Reference List

Fithen, W. L., Allen, J. H., & Stoner, E. (2008). Deploying firewalls. Software Engineering Institute. Web.

Pappas, N. (2008). Network IDS and IPS deployment strategies. SANS Institute. Web.

Scarfone, K., & Mell, P. (2007). Guide to intrusion detection and prevention systems (IDPS). Computer Security Resource Center. Web.

This essay on Deployment of Firewall and Intrusion Detection and Prevention Systems was written and submitted by user Mia Butler.
