An Analysis and Comparison of The Security Features of Firewalls and IDSs
2011 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE credits
Student thesis
Abstract [en]
In last few years we have observed a significant increase in the usage of computing devices and their capabilities to communicate with each other. With the increase in usage and communicating capabilities the higher level of network security is also required. Today the main devices used for the network security are the firewalls and IDS/IPS that provide perimeter defense. Both devices provide many overlapping security features but they have different aims, different protection potential and need to be used together. A firewall is an active device that implements ACLs and restricts unauthorized access to protected resources. An IDS only provides information for further necessary actions, not necessarily perimeter related, but some of these needed actions can be automated, such as automatic blocking in the firewall of attacking sites, which creates an IPS. This thesis report analyzed some common firewall and IDS products, and described their security features, functionalities, and limitations in detail. It also contains the comparison of the security features of the both devices. The firewall and IDS perform different functions for the network security, so they should be used in layered defense architecture. The passwords, firewalls, IDSs/IPSs and physical security all together provide a layered defense and complement each other. The firewall and IDS alone cannot offer sufficient network protection against the network attacks, and they should be used together to enhance the defense-in-depth or layered approach.
Place, publisher, year, edition, pages
2011. , p. 87
Keywords [en]
Firewall, Intrusion Detection, Anomaly, Access Control, Packet Inspection, Signatures, IDS
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:liu:diva-72934ISRN: LiTH-ISY-EX--11/4537--SEOAI: oai:DiVA.org:liu-72934DiVA, id: diva2:463786
Subject / course
Information Coding
Presentation
2011-12-08, Algoritmen, B 27-29, Linköping University, Linköping, 13:15 (English)
Uppsok
Technology
Supervisors
Examiners
2011-12-192011-12-112011-12-19Bibliographically approved