This book presents a combination of intrusion detection systems (IDS) and security theory, Cisco security models, and detailed information regarding specific Cisco-based IDS solutions. The concepts and information presented in this book are one step towards providing a more secure working and living network environment. This book also exists as a guide for Security Administrators seeking to pass the Cisco Secure Intrusion Detection Systems Exam (CSIDS 9E0-100), which is associated with CCSP, Cisco IDS Specialist, and Cisco Security Specialist 1 certifications.

Technology Background:

The general purpose of IDS is to monitor events on systems and networks and notify security administrators of an event that the sensor determines is worthy of alert. An IDS weighs these situations using a variety of means. Some IDS compare network conversations they *hear* to a list of known attack sequences or signatures. When the network traffic matches a known exploit signature, they trigger an alert. These IDS are known as signature-based IDS. Other IDS collect a baseline of *normal* network operations over time. They then continue to monitor the network for situations that don't match what they've determined as normal. If this happens, they trigger an alert. These IDS are called anomaly-based IDS.

Market Information and Target Audience:

Any network administrator who needs to configure, manage, or troubleshoot one of Cisco's industry-leading PIX 500 Series firewalls.