Network Management Strategies for the CIO
Intrusion
Prevention Fundamentals:
An introduction to network attack mitigation with IPS
*Note: The files in this WhatIs.com audio book series are quite large and may take as
long as five minutes to download.
What is an intrusion prevention system?
A n intrusion prevention system (IPS) is a security protection device or application that acts
as a Layer 2 forwarding device to protect network devices from attack.
"Whether you are evaluating IPS technologies or want to learn how to deploy and manage IPS in
your network, the book Intrusion
Prevention Fundamentals by Earl Carter and Jonathan Hogue is an invaluable
resource for anyone who needs to know how IPS technology works, what problems it can or cannot
solve, how it is deployed and where it fits in the larger security marketplace."
CiscoPress.com.
Cisco Press, Ciscopress.com, has been kind enough to allow
us to podcast the first chapter of this book. For your convenience, we’ve broken the chapter into
four downloads of about 15 minutes each. We’ve also provided you with a glossary from WhatIs.com to
go with each section.
Part One:
Evolution of Computer Security Threats
Glossary: network, host, firewall, mainframe, dumb
terminal, client/server,
peer-to-peer,
node, Internet, FTP,
VoIP, SMTP, instant
messaging, TCP/IP, UDP, packet, wireless, mobile
computing, PDA
Part Two: Target
Value, Attack Characteristics and Attack Delivery Mechanisms
Glossary: zombie, modem, floppy
disk, USB, war dialer, DSL,
obfuscation,
drive-by
spamming, wireless LAN, denial of
service, encryption,
decryption
Part Three: Attack
Examples from the Real World
Glossary: attack vector,
worm, virus, Trojan,
executable,
Chernobyl
virus, BIOS, ILOVEYOU virus,
social
engineering, file sharing, server, SQL, Slammer,
database,buffer
overflow
Part Four:
Evolution of Attack Mitigation
Glossary: antivirus
software, personal
firewall, port, access log, OSI Reference Model
Illustrated, layer 2, compliance, port 80, HTTP
-------------------------------------------------------------------------------------------------
About the Authors:
Earl Carter is a consulting engineer and member of the Security Technologies Assessment Team
(STAT) for Cisco Systems.
Download a chapter from Earl Carter's book Intrusion Detection
Systems.
Jonathan Hogue, CISSP, is a technical marketing engineer in the Cisco security business unit
where his primary focus is the Cisco Security Agent.