An ordinary conversation on the Internet turned to some aspects of network protection, namely Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). These are relatively modern tools and one of the ways to protect networks in the face of the threats and challenges that devices face. The conversation produced eight basic points that illustrate the importance of using these systems in networks, because some people hold the misconception that firewalls and anti-virus programs are sufficient to protect a network. I will try to explain this in several points, as follows:

Point 1: Thwart expected attacks on the network

An IPS/IDS is a protection system that uses a variety of methods, such as signature detection, protocol and traffic anomaly detection, backdoor detection, IP spoofing detection, DoS detection, Layer 2 detection, rate limiting, IPv6 detection, network honeypots, and detection of malware, Trojans, viruses, botnets, rootkits, spyware, keyloggers and other threats that can harm your network. These systems are sufficiently sophisticated to take action automatically against the threats and security risks you face. Some products can stop an attack by rerouting it at a specific point such as a firewall or router, to prevent the attacker from accessing the network. Other products run an executable file on the computer that tries to find loopholes within the network, and there are products that eliminate malware sent by the attacker to the victim, for example by deleting an infected attachment from an email. All of the above are procedures and policies that you can also apply manually.

Point 2: Alert the network administrator of potential security events

The basic function of intrusion detection systems is to warn the network administrator of network threats or breaches of the security policy, so that the administrator can take the appropriate measures according to the information available. An IDS is a passive technology whose function is to inspect, monitor and alert when a network violation occurs. The primary function of intrusion prevention systems is to block, in more than one way, the threats they identify from the data available to them. The device then warns the network administrator of what happened.
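The difference between the two modes, as an added example that is not part of the original article: a toy engine applies one signature check and one rate threshold (two of the methods listed above) to constructed packet records, once passively as an IDS and once inline as an IPS. The signature string, threshold, addresses and the `inspect` function are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample traffic: (timestamp in seconds, source IP, payload).
PACKETS = [
    (0.0, "192.0.2.10", b"GET /index.html HTTP/1.1"),
    (0.5, "192.0.2.66", b"POST /upload TEST-SIGNATURE-0001"),
    (1.0, "198.51.100.7", b"SYN"), (1.1, "198.51.100.7", b"SYN"),
    (1.2, "198.51.100.7", b"SYN"), (1.3, "198.51.100.7", b"SYN"),
    (2.0, "192.0.2.10", b"GET /about.html HTTP/1.1"),
    (2.5, "192.0.2.66", b"GET /index.html HTTP/1.1"),
]

SIGNATURES = {b"TEST-SIGNATURE-0001": "constructed test signature"}
RATE_LIMIT = 3   # assumed threshold: max packets per source within WINDOW_S
WINDOW_S = 1.0

def inspect(packets, inline):
    """inline=False models an IDS (passive: alert, traffic still passes).
    inline=True models an IPS (drop the packet, block the source, then alert)."""
    recent = defaultdict(list)          # source -> timestamps inside the window
    alerts, forwarded, blocked = [], [], set()
    for ts, src, payload in packets:
        if src in blocked:              # only reachable in IPS mode
            continue
        recent[src] = [t for t in recent[src] if ts - t < WINDOW_S] + [ts]
        # Signature detection: look for a known byte pattern in the payload.
        reason = next((n for sig, n in SIGNATURES.items() if sig in payload), None)
        # Rate-based detection: too many packets from one source in the window.
        if reason is None and len(recent[src]) > RATE_LIMIT:
            reason = "rate threshold exceeded"
        if reason:
            alerts.append((ts, src, reason))   # both modes warn the administrator
            if inline:
                blocked.add(src)               # prevention step happens first
                continue
        forwarded.append((ts, src))
    return alerts, forwarded, blocked

if __name__ == "__main__":
    for mode, inline in (("IDS", False), ("IPS", True)):
        alerts, forwarded, blocked = inspect(PACKETS, inline)
        print(mode, "alerts:", alerts)
        print(mode, "forwarded:", len(forwarded), "blocked:", sorted(blocked))
```

Both modes raise the same two alerts; only the inline run stops the offending packets and everything the blocked sources send afterwards.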

Point 3: Impose strong policies to protect the network

These systems are not used only to protect your organization from outside hackers; the risk may also be internal, from current or former employees who are disgruntled about a situation and want revenge. These are only the most relevant examples of this point, and you can consult the annual reports that CSO magazine devotes to this topic to learn the size of the risks a network faces internally. Network administrators must therefore be aware of such threats and how to deal with them, for example by applying settings and policies that identify security violations and monitor traffic from inside or outside, similar to what is done on firewalls.

Point 4: Save time

When you use this technology, expect it to take some time to detect intruders, meaning that you will see a large number of false alarms. The advantage of these alerts is that they make you aware of what happens in the network, and if you lack the required experience, they will increase your experience in analysing network data. This information will save the IT department a lot of time and effort when you learn from the start that your organization is under attack.

Point 5: Monitor programs used by employees on the Internet
An IPS/IDS can help you discover the programs employees use that access the Internet, such as download programs of all types, chat programs, and live broadcast and video sites. The company does not want to waste bandwidth on things that are not important. We know what employees do when they use the Internet, and with less security awareness they are more likely to be infected with viruses or the like...