Packt+ | Advance your knowledge in tech

You're reading from CCNA Security 210-260 Certification Guide Build your knowledge of network security and pass your CCNA Security exam (210-260)

Product type Paperback

Published in Jun 2018

Publisher Packt

ISBN-13 9781787128873

Length 518 pages

Edition 1st Edition

Tools

Cisco

Concepts

IT Certification

Authors (3):

Glen D. Singh

Vinod

Anandh

View More author details

Table of Contents (23) Chapters

Title Page

Packt Upsell

Contributors

Preface

1. Exploring Security Threats FREE CHAPTER

2. Delving into Security Toolkits

3. Understanding Security Policies

4. Deep Diving into Cryptography

5. Implementing the AAA Framework

6. Securing the Control and Management Planes

7. Protecting Layer 2 Protocols

8. Protecting the Switch Infrastructure

9. Exploring Firewall Technologies

10. Cisco ASA

11. Advanced ASA Configuration

12. Configuring Zone-Based Firewalls

13. IPSec – The Protocol that Drives VPN

14. Configuring a Site-to-Site VPN

15. Configuring a Remote-Access VPN

16. Working with IPS

17. Application and Endpoint Security

1. Other Books You May Enjoy

Leave a review - let other readers know what you think

Index

IDS and IPS

In this section, we will discuss the difference between and the placement of both an IDS and an IPS.

Intrusion Detection Systems

An Intrusion Detection System is an appliance that is used to detect security threats, either on a host system or a network. Let's use the following network topology to further explain how an IDS works:

As you can see, the IDS is not connected inline but to a port on the switch; therefore, the IDS will receive a copy of the network traffic for analysis and does not add any latency or delay the flow of traffic. Furthermore, if the IDS appliance is disabled or goes down, the network performance is not impacted. However, since it receives only a copy of the traffic and it's not an inline deployment (that is, network traffic is not passing through the appliance), only after a threat has been detected, the IDS appliance will generate an alert and will not be able to stop the attack as it's happening on the network. This makes the appliance reactive rather than...