  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 974

IDS VS Firewall


A simple question:

Can I use IDS to replace Firewall? What's your opinion?

Andrew
0
Asked:
sonylwc
1 Solution
 
td_miles commented:
Ummm, not really. IDS (Intrusion Detection System) is only to alert you that someone is trying to do something bad, it often won't do anything to prevent the bad thing from happening. Some IDS can be set up to carry out certain automated tasks upon detecting a certain type of attack, but again, you need something to protect the network, this is what the firewall does.
0
 
ferg-o commented:

You should have both really. You can have boxes which do both in one unit - we sell the Symantec Gateway Security box at the top end which is a hardened Linux box running Raptor/SEF and has some of Manhunt's network IDS features. It also has AV which is critical at the perimeter.

On the cheaper side we also sell the Fortigate appliances from Fortinet which do all of the above - but on the chipset as opposed to on top of Linux. Therefore they are relatively quick but do not have some of the advanced features and are a packet filter as opposed to application proxy.
0
 
lrmoore commented:
Ditto. Absolutely insane to replace a firewall with IDS.
A firewall, by definition, automatically blocks all packets except those that you specifically configure to allow in, and typically uses stateful packet inspection that can go much further up the OSI layer (into layer 7) for "permission to come aboard".
An IDS only listens passively to the network and sends an alert IF it sees something that it is programmed to alert on - typically based on known 'signatures'. This won't protect against unknown (or day-zero) outbreaks because the signature has not been captured and the IDS programmed to look for that new signature.

It's like putting a nice big strong lock on your home's door, then adding a motion-detector sensor and alarm on the inside of your house. If someone does perchance get through the door, you want to know it. Would you leave your door wide open just because you have a motion sensor turned on? Probably not.
Can you do without the motion sensor if you remember to keep the door closed and locked? Perhaps.
It's all relative to the value of what is behind the lock.


0
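The distinction drawn in the answers above, as an added example that is not part of the original thread: a default-deny firewall and a passive signature IDS are run over the same constructed traffic, once with the IDS alone and once with the IDS sitting behind the firewall. The policy, signatures, packets and function names are all assumptions made for illustration, and the firewall is narrowed to a port allow-list (no stateful inspection).

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    dst_port: int
    payload: bytes

ALLOWED_PORTS = {25, 443}  # constructed firewall policy: everything else is dropped
SIGNATURES = {             # constructed IDS signatures (known-bad byte patterns)
    "dir-traversal": b"../..",
    "cmd-exe": b"cmd.exe",
}

# Constructed sample traffic; source addresses are from a documentation range.
SAMPLE = [
    Packet("203.0.113.5", 443, b"GET /index.html"),        # benign, allowed port
    Packet("203.0.113.6", 443, b"GET /../../etc/passwd"),  # known signature, allowed port
    Packet("203.0.113.7", 445, b"GET /scripts/cmd.exe"),   # known signature, closed port
    Packet("203.0.113.8", 3389, b"\x03\x00\x00\x13novel"), # no signature, closed port
]

def firewall_permits(pkt):
    """Default deny: pass only what the policy explicitly allows."""
    return pkt.dst_port in ALLOWED_PORTS

def ids_alerts(pkt):
    """Passive signature match: returns alert names, never drops anything."""
    return [name for name, sig in SIGNATURES.items() if sig in pkt.payload]

def run(packets, use_firewall):
    """Return (sources delivered to the inside network, {source: alert names})."""
    delivered, alerts = [], {}
    for pkt in packets:
        if use_firewall and not firewall_permits(pkt):
            continue  # dropped at the perimeter; the inside IDS never sees it
        delivered.append(pkt.src)
        hits = ids_alerts(pkt)
        if hits:
            alerts[pkt.src] = hits
    return delivered, alerts

if __name__ == "__main__":
    for mode in (False, True):
        delivered, alerts = run(SAMPLE, use_firewall=mode)
        print("firewall + IDS:" if mode else "IDS only:", delivered, alerts)
```

With the IDS alone, all four packets are delivered and the one without a matching signature raises no alert; with both, only the allowed-port traffic gets in and the IDS flags the known-bad request the firewall had to permit.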
