IDS (Detect Abnormal Activity, Event Notifications, Logging, Preventative…
IDS
Detect Abnormal Activity
Event Notifications
Logging
Preventative Measures
IDS / IPS
Components
Attack signature database
Sensors
Command/management console
Alerts/notifications
Anti-virus
Anti-spyware
Firewall rules
Unusual traffic patterns
Custom configuration
Examples of suspicious activity
Excessive network traffic
Network traffic not normally present on the network
Unusual data sharing between apps
Unauthorised packet capturing
Configuration
Require normal activity baseline to detect abnormalities
Can be influenced by law, regulations, certification requirements
Host-based
Network-based
Hardware appliance
Software installed on host
Virtual machine appliance
Cloud service
IPS
Detect Abnormal Activity
Logging
Event Notifications