How intrusion detection is implemented
There are two common types of intrusion detection implementation [12]: host-based IDS (HIDS) and network-based IDS (NIDS). A HIDS is an application installed on a computer, whether server or client, that observes the computer concerned. A NIDS consists of a set of agent applications placed strategically in the network to observe the network traffic. In general, most enterprises choose to implement a NIDS, or a combination (hybrid) in which a HIDS observes the traffic entering / leaving a host / server while a NIDS observes all traffic on the server network.
This final project focuses on the implementation of a NIDS, which includes two important aspects: observing the behavior and data traffic in the network (visibility), and managing traffic and access to the network (control). Both are closely related to the security system. The NIDS will identify packets in the data flow / traffic that concern:
a) Traffic into / out of the enterprise.
b) Information that is proprietary or confidential to the enterprise.
c) Disturbance / intrusion / attack on the network.
d) Use of the enterprise's information technology assets.
To get the maximum value from a NIDS, the first phase is to determine the system security policies [12], which include: the information assets to be protected, the type of IDRS, the placement of the IDRS, the types of attacks to be detected, and the type of response applied when an intrusion is detected.
Determining the system security policies is closely related to measuring the size of the investment [12]. A popular metric for a NIDS is the amount of received packet content that is lost; in this case the presence of the firewall must also be taken into account. Other metrics are the total cost of ownership (TCO) and the total economic impact (TEI). TCO takes into account the various costs of management, administration, and the burden on end users. TEI is a model that tries to show the total cost of an information technology (IT) implementation weighed against gain and loss, flexibility, and risk. Whatever policy is applied, a NIDS must fundamentally be able to identify an attack regardless of the complexity or saturation (flow capacity per second) of the network. For a NIDS to remain effective through all the changes brought by advances in technology, three alternatives can support it:
a) Customization flexibility: adapting the NIDS to what is unique in the network.
b) Deployment flexibility: collecting homogeneous data from separate network segments.
c) Management scalability: developing security at an increased scale.