Organizations continue to deploy firewalls as their central gatekeepers to prevent unauthorized users from entering their networks. However, network security is in many ways similar to physical security in that no one technology serves all needs-rather, a layered defense provides the best results. Organizations are increasingly looking to additional security technologies to counter risk and vulnerability that firewalls alone cannot address. Network-based intrusion detection systems (IDSs) provide around-the-clock network surveillance. The Cisco Secure Intrusion Detection System (CSIDS) is a real-time, network-based IDS designed to detect, report, and terminate unauthorized activity throughout a network.
Cisco Secure Intrusion Detection System is a Cisco authorized self-paced learning tool providing a clear explanation of why network security is crucial in today's converged networking environment, how CSIDS improves the security on a network, and how to install and configure CSIDS. This book is divided into seven parts: In Part I, you are exposed to how networks are attacked, along with ways to secure networks. This leads into Part II, which provides an explanation of the components of CSIDS and how they fit into a secure network design. The installation of CSIDS is examined in Part III. Part IV discusses the management of alarms. Normal traffic generates many alarms, both from actual attacks as well as false positives. Without proper management, this flood of alarms can render the IDS ineffective. Part IV also explains how the various types of alarm signatures are classified, along with the severity levels that can be associated with an alarm signature. Part V analyzes the configuration of the major features of CSIDS. This information allows you to configure your CSIDS in an efficient manner, thus providing the best security for the network. Part VI looks at the configuration of the Cisco Secure Intrusion Detection Director (CSIDD) platform, as well as the Cisco IOS® Firewall IDS. This book concludes with Part VII on upcoming features and enhancements planned for the CSIDS.
Cisco Secure Intrusion Detection System
is part of a recommended learning path from Cisco Systems that can include simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press.