Higher headquarters has acquired a software package to centrally collect logging data from numerous servers, switches, firewalls, printers, routers etc. This type of IDS/IPS system is commonly referred to as a __________________ IDS/IPS system?


2 Answers

James Kent Profile
James Kent answered
This type of IDS/IPS system is commonly known as a ‘Meta’ IDS/IPS system. The system has the software capabilities to collect information regarding internal security threats in a network from many different points, including switches, routers and firewalls. This allows network security to fully track and investigate the threat. Most security mechanisms don’t have the technology necessary to forward all events to a central loghost; a Meta IDS/IPS system does.

An IPS system is an Intrusion Prevention system. The system is usually used in conjunction with an IDS system (Intrusion Detection system) and the two systems are sometimes combined into one. The devices are used to monitor the security of a network. They are designed to indentify malicious activity and, if possible, stop it. All information regarding the activity is collected by the IDS/IPS system and reported to a central logging point, where it can be scrutinized together in an attempt to identify its source.

IPS systems can attempt to prevent unauthorized activity in a network in a number of ways. Firstly, they will try to block all communication from the offending IP address completely. They can also set alarms to notify workers of an attempt to breach the system. Often they will reset the connection to stop activity. Any organization dealing with classified information should have an IPS/IDS system installed as part of its network security.

Meta IDS/IPS systems feature an important development in security technology, as they have the capability to collect data at one logging point. For this reason, Higher Headquarters has chosen to use the new systems. Meta IDS/IPS systems should be more effective than older systems, as many hackers and offending groups have worked out how to beat old systems already. It is important improvements are constantly being made to security for organizations to remain one step ahead of criminals.

Answer Question