The attack can be detected when the intruders from gaining access to the system. Success through system's vulnerabilities. When the invasion found IDS to send alarm (alert) to the administrator to perform sound check and stop the invasion continues. Installation IDS, thus helping to reduce the severity of the damage to the property of the organization.Additionally, the event log IDS can also save the wrong benchmarks have to be analyzed to prove opportunity to choose how to handle abnormal events, and keep important evidence as to the invasion.To set or determine the rule of IDS that need to be made in accordance with your organization's security policy, for example, is consistent with the rule of the firewall so that the IDS. Check end of things unusual needs.An example of the ability of IDS-Catch copy large database from the server (server) To the machine. Client (Client) of the employees. -Detect port scan made both by the intruders and malware such as worm. -Detection of vulnerabilities that attackers do NetBIOS Windows operating system in addition to using IDS. In the intrusion detection and event management Various abnormal and IDS are also useful in other aspects:Validation of the Security policyBecause the IDS as a firewall that goes from 2 lines to catch up penetrate. On offense, so sometimes the data from IDS to indicate which set of security rules (Rule) of fire lawon (Firewall) that is as error encountered traffic that is supposed to prevent (Block), but it does not have set rules for safety (Rule) that fire prevention to lawon (Firewall) (Block)Save your organization's threat.Because of the unusual event IDS recorded attack of the threat (threat) is detected. These data can be applied to an analysis of statistics. Study on attack patterns to be used for tactical defense systems. Information technology security next. This information also makes it possible for executives to understand the risk of threats, computer organization.Reducing offending: Securlty policyIf it is declared using the General system, user IDS will be careful to use the system or be afraid to commit because of any action on the system, will be watching at all times by IDS. The securitypolicy abuse reduced
การแปล กรุณารอสักครู่..