
Why must the firewall be placed before the IDS?

A firewall is perimeter security: it is the first layer of defense that untrusted traffic meets. The
recommended way to combine a firewall and an IDS is illustrated in Figure 1.

Figure 1. Firewall + IDS (best practice)

Figure 2. IDS + Firewall

The first reason the firewall must come before the IDS is that an IDS cannot drop packets. If the
IDS is placed in front of the firewall (Figure 2), it inspects every packet arriving from the
untrusted side, including the traffic the firewall is about to drop anyway, so all it adds is a
large volume of alarms for connections that would never have reached the inside.
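The following simulation, added here as an example rather than taken from the original article, makes the point concrete. It runs the same constructed sample traffic through both topologies with a toy port-based firewall and a handful of toy IDS signatures (all of these names, addresses and rules are assumptions made up for the example): in the Figure 1 order the IDS raises one alert, in the Figure 2 order it raises four, while exactly the same packets reach the inside in both cases.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    dst_port: int
    payload: bytes


# Constructed sample traffic arriving from the Internet (not captured data).
TRAFFIC = [
    Packet("203.0.113.5", 443, b"GET /index.html"),                     # benign, permitted
    Packet("198.51.100.7", 22, b"SSH-2.0-OpenSSH"),                      # SSH not exposed: firewall drops
    Packet("203.0.113.9", 23, b"root\r\n"),                              # telnet probe: firewall drops
    Packet("198.51.100.8", 443, b"GET /cgi-bin/../../etc/passwd"),       # permitted port, hostile payload
    Packet("203.0.113.11", 3389, b"\x03\x00\x00\x0b"),                   # RDP probe: firewall drops
]

# Toy firewall policy: only the web ports are reachable from outside.
ALLOWED_PORTS = {80, 443}


def firewall_permits(pkt: Packet) -> bool:
    return pkt.dst_port in ALLOWED_PORTS


# Toy IDS signatures as (name, predicate) pairs; a real IDS matches on far more than this.
SIGNATURES = [
    ("telnet-login-attempt", lambda p: p.dst_port == 23),
    ("ssh-banner-scan", lambda p: p.dst_port == 22),
    ("rdp-probe", lambda p: p.dst_port == 3389),
    ("path-traversal", lambda p: b"../" in p.payload),
]


def ids_alerts(pkt: Packet) -> list:
    """The IDS only observes and reports; it never drops anything."""
    return [name for name, match in SIGNATURES if match(pkt)]


def firewall_then_ids(traffic):
    """Figure 1: the IDS inspects only what the firewall has already let through."""
    alerts, delivered = [], []
    for p in traffic:
        if not firewall_permits(p):
            continue                      # dropped at the perimeter, IDS never sees it
        alerts.extend(ids_alerts(p))
        delivered.append(p)
    return alerts, delivered


def ids_then_firewall(traffic):
    """Figure 2: the IDS inspects everything first; the firewall drops afterwards."""
    alerts, delivered = [], []
    for p in traffic:
        alerts.extend(ids_alerts(p))      # alarms even for packets about to be dropped
        if firewall_permits(p):
            delivered.append(p)
    return alerts, delivered


if __name__ == "__main__":
    for name, fn in (("firewall -> IDS", firewall_then_ids), ("IDS -> firewall", ids_then_firewall)):
        alerts, delivered = fn(TRAFFIC)
        print(f"{name}: {len(alerts)} alert(s) {alerts}, {len(delivered)} packet(s) delivered")
```

The delivered set is identical in both runs; the only thing the Figure 2 placement buys is three extra alerts about scans the perimeter was going to block regardless, which is noise an analyst has to triage. The one alert that matters, the traversal attempt on a permitted port, is raised in both layouts.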

The main reason, however, is the integrity checking module in firewalls.

What is the integrity checking module? It stores hashed values of the firewall's policies and
configuration in several different places. The firewall regularly recomputes these hashes and
compares them with the stored values; if any change is detected, it fails closed and drops all
incoming packets.

In Figure 2, if the IDS is compromised it can be turned into a zombie, and there is no built-in
facility to detect or recover from that. If the same thing happens to the firewall, the integrity
checking module catches the tampering and the firewall can respond by failing closed.
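The following is an added example, written for this page and not drawn from the article or from any firewall product, of how such an integrity checking module can work: the policy is hashed canonically, the reference digest is kept in several independent locations (modelled here as a dictionary of made-up location names) and resolved by majority vote, and a periodic check flips the firewall into a fail-closed state when the live policy no longer matches. The sample policy, the location names and the tampering scenario are all assumptions constructed for the demonstration.

```python
import hashlib
import hmac
import json
from collections import Counter

# Constructed sample firewall policy (not from any real product).
POLICY = {
    "default": "drop",
    "rules": [
        {"action": "allow", "proto": "tcp", "dst_port": 443},
        {"action": "allow", "proto": "tcp", "dst_port": 80},
    ],
}


def canonical(policy: dict) -> bytes:
    """Canonical JSON so that semantically identical policies hash identically."""
    return json.dumps(policy, sort_keys=True, separators=(",", ":")).encode()


def policy_digest(policy: dict) -> str:
    return hashlib.sha256(canonical(policy)).hexdigest()


class IntegrityStore:
    """Keeps the reference digest in several independent places (assumed location names)."""

    def __init__(self, policy: dict, locations=("nvram", "disk", "remote")):
        digest = policy_digest(policy)
        self.copies = {loc: digest for loc in locations}

    def reference(self) -> str:
        """Majority vote across copies, so corrupting a single copy does not change the reference."""
        digest, votes = Counter(self.copies.values()).most_common(1)[0]
        if votes * 2 <= len(self.copies):
            raise RuntimeError("no majority among stored digests")
        return digest


class Firewall:
    def __init__(self, policy: dict):
        self.policy = policy
        self.store = IntegrityStore(policy)
        self.fail_closed = False

    def integrity_check(self) -> bool:
        """Periodic check: compare the live policy against the stored reference digest."""
        ok = hmac.compare_digest(policy_digest(self.policy), self.store.reference())
        if not ok:
            self.fail_closed = True       # drop everything until an operator intervenes
        return ok

    def apply_policy_change(self, new_policy: dict) -> None:
        """Legitimate administrative change: policy and reference digests are updated together."""
        self.policy = new_policy
        self.store = IntegrityStore(new_policy)
        self.fail_closed = False

    def permits(self, proto: str, dst_port: int) -> bool:
        if self.fail_closed:
            return False
        for rule in self.policy["rules"]:
            if rule["proto"] == proto and rule["dst_port"] == dst_port:
                return rule["action"] == "allow"
        return self.policy["default"] == "allow"


def simulate_tamper():
    """Attacker opens SSH in the live policy but can only overwrite one stored digest copy."""
    fw = Firewall(POLICY)
    clean = fw.integrity_check()                      # True: untouched policy passes
    allowed_before = fw.permits("tcp", 443)           # True: normal web traffic flows

    tampered = json.loads(json.dumps(POLICY))         # deep copy of the policy
    tampered["rules"].append({"action": "allow", "proto": "tcp", "dst_port": 22})
    fw.policy = tampered                              # written behind the module's back
    fw.store.copies["disk"] = policy_digest(tampered)  # only one of three copies reached

    leaked = fw.permits("tcp", 22)                    # True: SSH is open until the next check
    detected = not fw.integrity_check()               # True: majority still holds the old digest
    return clean, allowed_before, leaked, detected, fw.permits("tcp", 443), fw.permits("tcp", 22)


if __name__ == "__main__":
    print(simulate_tamper())
```

Two practical caveats follow from the simulation. First, the window between the tampering and the next scheduled check is exactly the time in which the illegitimate rule is live, so the check interval bounds the exposure and should be short. Second, the detection only holds if the stored digests cannot all be rewritten by whoever can rewrite the policy; copies kept where the firewall's own management plane cannot write them (the example's "remote" location) are what give the majority vote its value.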

Best Regards - Ali Taherian
