subject: Intrusion Protection Strategies For Your Network [print this page] If your computer is not connected to any other computers (via LAN, WAN, through the net etc.) and does not have a modem, the only way you can access your computer is to physically use it. Maintaining the Security of the network will secure the computer. As soon as your computer is linked or connected to another computer you add the probability that someone using a computer which is connected to the network, can access your computer's information.
If your network, which is your connected computers, consists only of other computers in the same building you can still secure the network by securing the rooms where the computers reside. An example of this would be two computers sharing the same files and printer, but not having a modem or not connected to any other networks.
It is wise to learn about other ways to secure a network of computers, in case you would like to expand in the future. Networks have a tendency to expand. If you have a network, a trespasser who gains access to any computer on that network has at least some access to all of them.
Intrusion prevention, also known as Intrusion discovery and prevention systems are network security applications that monitor network or system activities for malicious activity. The main functions of intrusion prevention are to identify harmful activity, monitor information about specific activity, attempt to stop activity, and detail the activity.
Intrusion prevention systems are also known as extensions of intrusion detection systems because they both observe a company's network traffic and/or system activities for harmful activity. The main differences between intrusion detection systems and intrusion prevention systems are put in place together and are able to actively prevent intrusions that are detected. More specifically, these intrusion protections can take such actions as sending an alert, dropping the harmful packets, reestablishing the connection or completely blocking the traffic from the offending IP address. An intrusion prevention service can also correct problems like, unfragmented packet streams, prevent transmission control protocol issues, and clean up unwanted transfer and different network layer options.
For intrusion detection and prevention services, dropping packets under high loads can cause disruptions in network availability; also, delays in processing data could cause lag in the network. To avoid this, organizations using intrusion detection and prevention sensors should select specific ones that can recognize high load conditions and either pass specific types of network traffic through the sensor without performing full breakdown or drop the less important traffic to reduce load. Many vendors attempt to optimize their sensors to provide better performance under high loads by taking measures such as using specific and recompiling parts of their software to include settings and other customizations made by administrators.
As mentioned before, Intrusion discovery and prevention systems also monitor network or system activities for malicious activity. These services, along with specific hardware are vital in maintaining a smooth running network and also maximize the network capabilities of a company.
