Professional Documents
Culture Documents
Background :
IPS:
Intrusion Prevention System is also known as Intrusion Detection and
Prevention System. It is a network security application that monitors network or
system activities for malicious activity. Major functions of intrusion prevention
systems are to identify malicious activity, collect information about this activity,
report it and attempt to block or stop it.
The Intrusion Prevention System scans traffic to look for known attack patterns to
block. It watches packets and sessions as they flow through the router and scans each
packet to match any of the Cisco IPS signatures. When it detects suspicious activity,
it is designed to log or block it. It is important to update the IPS and Antivirus
databases and definitions. These can be updated manually or automatically.
Types:
NETWORK ARCHITECTURE:
Tasks:
• Configure logging.
• Verify IPS.
This is because the IPS rule for event-action of an echo request was set to
“denypacket-inline”.
Ping was successful. Because the IPS rule does not cover echo reply. When PC-
A pings PC-C. PC-C responds with an echo reply.