Intrusion Detection And Prevention; Overview; Idp Availability In D-Link Models - D-Link NetDefend DFL-210 User Manual

Network security firewall ver. 1.05

6.3. Intrusion Detection and Prevention

6.3.1. Overview

Intrusion Definition
Computer servers can sometimes have vulnerabilities which leave them exposed to attacks carried by network traffic. Worms, trojans and backdoor exploits are examples of such attacks which, if successful, can potentially compromise or take control of a server. A generic term that can be used to describe these server-oriented threats is intrusions.

Intrusion Detection
Intrusions differ from viruses in that a virus is normally contained in a single file download and this is normally downloaded to a client system. An intrusion manifests itself as a malicious pattern of internet data aimed at bypassing server security mechanisms. Intrusions are not uncommon and they can constantly evolve as their creation can be automated by the attacker. NetDefendOS IDP provides an important line of defense against these threats.

Intrusion Detection and Prevention (IDP) is a NetDefendOS module that is designed to protect against these intrusion attempts. It operates by monitoring network traffic as it passes through the D-Link Firewall, searching for patterns that indicate an intrusion is being attempted. Once detected, NetDefendOS IDP allows steps to be taken to neutralize both the intrusion attempt and its source.

IDP Issues
In order to have an effective and reliable IDP system, the following issues have to be addressed:
1. What kinds of traffic should be analyzed?
2. What should be searched for in that traffic?
3. What action should be carried out when an intrusion is detected?

NetDefendOS IDP Components
NetDefendOS IDP addresses the above IDP issues with the following mechanisms:
1. IDP Rules are defined by the administrator to determine what traffic should be scanned.
2. Pattern Matching is applied by NetDefendOS IDP to the traffic that matches an IDP Rule as it streams through the firewall.
3. If NetDefendOS IDP detects an intrusion then the Action specified for the triggering IDP Rule is taken.

IDP Rules, Pattern Matching and IDP Rule Actions are described in the sections which follow.
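
The three components above can be modelled in a short Python sketch that also shows why matching has to follow the stream rather than inspect each segment in isolation. This is an added example, not NetDefendOS code or configuration syntax: the class and function names, the action names "audit" and "protect", the tail-overlap approach, and the sample signature, addresses and traffic are all assumptions constructed for illustration.

```python
import ipaddress
import re
from dataclasses import dataclass

@dataclass
class IDPRule:
    name: str
    dest_net: str    # component 1: which traffic is scanned
    dest_port: int
    patterns: dict   # component 2: signature name -> bytes regex
    action: str      # component 3: "audit" (log only) or "protect" (log and drop)

    def selects(self, dst_ip, dst_port):
        net = ipaddress.ip_network(self.dest_net)
        return dst_port == self.dest_port and ipaddress.ip_address(dst_ip) in net

def scan_connection(rules, dst_ip, dst_port, segments, overlap=64):
    """Return (forwarded_segments, events) for one connection's payload segments."""
    rule = next((r for r in rules if r.selects(dst_ip, dst_port)), None)
    if rule is None:
        return list(segments), []          # no rule selects this traffic: not scanned
    forwarded, events, seen, tail = [], [], set(), b""
    for seg in segments:
        window = tail + seg                # keep a tail so split patterns still match
        hits = [s for s, rx in rule.patterns.items()
                if s not in seen and re.search(rx, window)]
        for sig in hits:
            seen.add(sig)                  # report each signature once per connection
            events.append((rule.name, sig, rule.action))
        if hits and rule.action == "protect":
            break                          # drop this segment and everything after it
        forwarded.append(seg)
        tail = window[-overlap:]
    return forwarded, events

# Constructed sample data: one rule, one signature, one connection.
SIGS = {"path-traversal": rb"\.\./\.\./"}
RULES = [IDPRule("web-servers", "192.0.2.0/24", 80, SIGS, "protect")]
# The pattern is split across two segments; neither matches on its own.
SEGMENTS = [b"GET /a/..", b"/../etc HTTP/1.0\r\n"]

if __name__ == "__main__":
    print(scan_connection(RULES, "192.0.2.10", 80, SEGMENTS))
```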

6.3.2. IDP Availability in D-Link Models

Maintenance and Advanced IDP
Chapter 6. Security Mechanisms
