Alarms and
Alerts
The logical view of network
protection looks like Figure 7,
in which both a router and a firewall provide layers of protection for the
internal network. Now let us add one more layer to this defense.
Figure 7 Layered Network Protection.
An intrusion detection system is a device that is placed inside a
protected network to monitor what occurs within the network. If an attacker is
able to pass through the router and pass through the firewall, an intrusion
detection system offers the opportunity to detect the attack at the beginning,
in progress, or after it has occurred. Intrusion detection systems activate an
alarm, which can take defensive action. We study intrusion detection systems in
more detail later in this chapter.
Tags:
Network Security