D-Link DFL-2500 User Guide - Page 200
Intrusion Detection System
View all D-Link DFL-2500 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 200 highlights
19 CHAPTER Intrusion Detection System (IDS) 19.1 Overview Intrusion Detection is a technology that monitors network traffic, searching for signs of security violations, or intrusions. An intrusion can be defined as an attempt to compromise certain parts of a computer system, or to bypass its security mechanisms. As these forms of attacks are a common occurrence on the Internet, and can often be easily automatized by an attacker, Intrusion Detection is an important technology to identify and prevent these threats. In order to make an effective and reliable IDS, D-Link IDS goes through three levels of processing and addresses the following questions: • What traffic to analyze • What to search for (i.e. what is an "attack") • What action to carry out As an example, picture a system that is monitoring FTP. It would only be concerned with traffic relating to FTP, while traffic relating to, for example POP3, would be of no interest what so ever. Also, only attacks that refer to the FTP protocol would be of interest. 181