Intrusion detection systems (IDSs) are network appliances that detect inappropriate, incorrect and disrupting activities on the network. It provides administrators visibility into the network. Traditionally, these devices have been placed between the border router and the firewalls. This architecture has undergone significant changes in recent years because of the changing nature of malware. Organizations are having to deploy multiple IDSs across the network to detect abnormal activities on infrastructure.
Research a minimum of two industry resources (e.g., National Institute for Standards & Technology [NIST], Institute of Electrical and Electronic Engineers [IEEE], and Internet Engineering Taskforce [IETF], etc.) on this topic. (Access the MISM Credible Resource GuideLinks to an external site. for assistance with finding appropriate credible professional resources.) Use your findings to differentiate between the different types of intrusion detection systems and explain their uses. Describe optimum locations for IDS on a corporate TCP/IP network and explain how IDSs can be used to complement firewalls.
