Intrusion Detection with Cisco IOS
The Cisco IOS Firewall IDS acts as an inline intrusion detection sensor, watching packets and communication sessions as they flow through the router and scanning each packet to see whether it matches any of the IDS signatures.
Cisco developed its Cisco IOS Software–based intrusion detection capabilities in the Cisco IOS Firewall Feature Set with flexibility in mind so that individual attack signatures could be disabled in case of false positives. Also, although it is preferable to enable both the firewall and intrusion detection features of the FFS CBAC security engine to support a network security policy, each of these features can be enabled independently and on different router interfaces.
The Cisco IOS Firewall ...
Get Network Security First-Step, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.