Professional Documents
Culture Documents
Background :
IPS:
Intrusion Prevention System is also known as Intrusion Detection and Prevention
System. It is a network security application that monitors network or system
activities for malicious activity. Major functions of intrusion prevention systems are
to identify malicious activity, collect information about this activity, report it and
attempt to block or stop it.
The Intrusion Prevention System scans traffic to look for known attack patterns to
block. It watches packets and sessions as they flow through the router and scans each
packet to match any of the Cisco IPS signatures. When it detects suspicious activity,
it is designed to log or block it. It is important to update the IPS and Antivirus
databases and definitions. These can be updated manually or automatically.
Types:
NETWORK ARCHITECTURE:
Tasks:
• Configure logging.
• Verify IPS.
This is because the IPS rule for event-action of an echo request was set to
“denypacket-inline”.
Ping was successful. Because the IPS rule does not cover echo reply. When PCA
pings PC-C. PC-C responds with an echo reply.