Chapter 9. Intrusion Detection System (IDS)
This chapter covers deploying an intrusion detection system (IDS) in a Cisco network. The chapter is comprised of the following three sections:
• Deploying open source IDS tools
• Deploying IDS sensors embedded within Cisco devices
IDS Overview
An IDS monitors traffic within a network to detect unauthorized network activity. After detecting malicious activity, the IDS sends an alert message to a central monitoring console so that action can be taken by the Netadmin. The alerts are sent in the form of syslog messages or pager/e-mail alerts. IDSs are available as appliances (hardware-based devices) as well as software-based agents. The hardware systems are ready to be deployed within ...
Get Network Administrators Survival Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.