
what is ips in networking jobs

ASA with FirePOWER service
Positive / Negative Terminology
False positive: the sensor generates an alert about traffic, and that traffic is not malicious or important as related to the safety of the network.

True positive: there was malicious traffic, and the sensor saw it and reported on it.

True negative: there was normal nonmalicious traffic, and the sensor did not generate any type of alert.
Identifying Malicious Traffic on the Network

There are several different methods that sensors can be configured to use to identify malicious traffic, including the following:

Signature-based IPS / IDS: A signature is just a set of rules looking for some specific pattern or characteristic in either a single packet or a stream of packets. It is the most significant method used on sensors today.

Policy-based IPS / IDS: This type of traffic matching can be implemented based on the security policy for your network.

Anomaly-based IPS / IDS: An example of anomaly-based IPS / IDS is creating a baseline of how many TCP sender requests are generated on average each minute that do not get a response; this is used to identify worms that may be propagating through the network.

Reputation-based IPS / IDS: Collects input from systems all over the planet that are participating in global correlation; the input may include descriptors such as blocks of IP addresses, URLs, DNS domains, and so on as indicators of the sources for these attacks.
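The anomaly-based method described above can be sketched as follows. This is an added example, not code from the original page or from any Cisco product: it builds a per-minute baseline of TCP requests that got no response, then flags minutes that exceed it. The record format, the three-standard-deviation threshold, the function names, and the sample data are all assumptions made for illustration.

```python
from collections import Counter
from statistics import mean, pstdev

def unanswered_per_minute(records):
    """Count TCP connection requests that never got a response, per minute."""
    counts = Counter()
    for minute, _src, answered in records:
        counts[minute] += 0 if answered else 1
    return counts

def build_baseline(counts, minutes):
    """Mean and standard deviation of unanswered requests over a training window."""
    window = [counts.get(m, 0) for m in minutes]
    return mean(window), pstdev(window)

def flag_anomalies(counts, minutes, baseline, k=3.0, floor=1.0):
    """Return minutes whose count exceeds mean + k * max(stddev, floor)."""
    avg, dev = baseline
    limit = avg + k * max(dev, floor)  # floor keeps a very flat baseline from over-alerting
    return [m for m in minutes if counts.get(m, 0) > limit]

def top_source(records, minute):
    """Source with the most unanswered requests in a flagged minute."""
    srcs = Counter(s for m, s, ok in records if m == minute and not ok)
    return srcs.most_common(1)[0][0] if srcs else None

def make_records():
    """Constructed sample data: (minute, source IP, answered?) tuples."""
    quiet = [4, 5, 3, 6, 4, 5, 4, 6, 5, 4]          # minutes 0-9: normal failures
    recs = []
    for minute, n in enumerate(quiet):
        recs += [(minute, f"10.0.0.{i % 5 + 1}", False) for i in range(n)]
        recs += [(minute, f"10.0.0.{i % 5 + 1}", True) for i in range(40)]
    recs += [(10, "10.0.0.2", False)] * 5            # minute 10: still normal
    recs += [(11, "10.0.0.9", False)] * 48           # minutes 11-12: one host sends
    recs += [(12, "10.0.0.9", False)] * 61           # requests that go unanswered
    return recs

if __name__ == "__main__":
    records = make_records()
    counts = unanswered_per_minute(records)
    baseline = build_baseline(counts, range(0, 10))
    for m in flag_anomalies(counts, range(10, 13), baseline):
        print(f"minute {m}: {counts[m]} unanswered, top source {top_source(records, m)}")
```

Minute 10 stays below the threshold and raises no alert (a true negative in the terminology above), while minutes 11 and 12 are flagged and attributed to a single source.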
