Respond to these colleagues (BELOW): (Half a page, and please provide a reference)
Explain how an IPS can be crippling to an organization, including how intrusion detection logs can overwhelm an unprepared IT staff. Support your rationale.
Post from colleague 1
An Intrusion Prevention System (IPS) is a network security technology or a threat prevention technology that filters the network flow to detect and prevent vulnerability exploits. There are various vulnerability exploits, ranging from known exploits to zero-day exploits, which are targeted at an organization's network system, application, or computer. The work of the IPS is to detect and respond to such threats in a timely manner in order to eliminate threats and false positives.
An Intrusion Prevention System (IPS) can be crippling to an organization when there are issues with false positives. False positives are alerts that indicate some form of threat to a system but, upon inspection, turn out to be legitimate network traffic. These can be overwhelming to an unprepared IT staff because the system blocks abnormal activities on the network, assuming such abnormal activity is malicious. It might just be a false negative and can eventually lead to a DoS to a legitimate user who is attempting a valid procedure on the network.
Another way it could cripple an organization is when the organization doesn't have enough bandwidth and network capacity, so that in the long run the IPS tool could slow down the system.
Rouse, M. Intrusion Prevention System (IPS). Retrieved from https://searchsecurity.techtarget.com/definition/intrusion-prevention
Scarfone, K. & Mell, P. (2007). Guide to Intrusion Detection and Prevention Systems (IDPS). Recommendations of the National Institute of Standards and Technology. National Institute of Standards and Technology (NIST). Special Publication 800-94.
Post from colleague 2
Good morning Professor and classmates,
An IPS, or intrusion prevention system, is a network utility that basically monitors traffic on a network, specifically looking for vulnerability exploits. More often than not you would find the IPS working with the firewall, scanning whatever makes it through the firewall so that the traffic at that point has been hit with two different kinds of protection from the system already.
The way that an IPS works is through two main directives, but there can be others depending on the setup. The first of which is called signature-based detection, and this is a fairly unique and interesting way to monitor traffic. It keeps a running, growing list of odd and unique patterns in the code, and any it identifies as not correct it remembers. The second way is called statistical anomaly detection, which randomly samples the network traffic and uses an already defined level to make sure that nothing out of the ordinary is happening. While IPS used to not be too common, it is routinely added to networks and systems in this day and age.
With that being said, a team that didn't know how to operate or read the results of an IPS could easily be overwhelmed with the results and operating the IPS.
Palo Alto Networks. (2020). In What is an Intrusion Prevention System?. Retrieved from https://www.paloaltonetworks.com/cyberpedia/what-is-an-intrusion-prevention-system-ips#:~:text=An%20Intrusion%20Prevention%20System%20(IPS,detect%20and%20prevent%20vulnerability%20exploits