Chapter 9. Intrusion Detection System (IDS)

This chapter covers deploying an intrusion detection system (IDS) in a Cisco network. The chapter consists of the following three sections:

IDS introduction

Deploying open source IDS tools

Deploying IDS sensors embedded within Cisco devices

IDS Overview

An IDS monitors traffic within a network to detect unauthorized network activity. After detecting malicious activity, the IDS sends an alert message to a central monitoring console so that the Netadmin can take action. The alerts are sent in the form of syslog messages or pager/e-mail alerts. IDSs are available as appliances (hardware-based devices) as well as software-based agents. The hardware systems are ready to be deployed within ...
