IDS VS Firewall

Posted on 2003-11-23
Last Modified: 2013-11-16

A simple question:

Can I use IDS to replace Firewall? What's your opinion?

Andrew
Question by:sonylwc
3 Comments
 
LVL 13

Expert Comment

by:td_miles
ID: 9808167
Ummm, not really. IDS (Intrusion Detection System) is only to alert you that someone is trying to do something bad; it often won't do anything to prevent the bad thing from happening. Some IDS can be set up to carry out certain automated tasks upon detecting a certain type of attack, but again, you need something to protect the network; this is what the firewall does.
0
 
LVL 4

Expert Comment

by:ferg-o
ID: 9808864

You should have both really. You can have boxes which do both in one unit - we sell the Symantec Gateway Security box at the top end which is a hardened Linux box running Raptor/SEF and has some of Manhunt's network IDS features. It also has AV which is critical at the perimeter.

On the cheaper side we also sell the Fortigate appliances from Fortinet which do all of the above - but on the chipset as opposed to on top of Linux. Therefore they are relatively quick but do not have some of the advanced features and are a packet filter as opposed to application proxy.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 150 total points
ID: 9820143
Ditto. Absolutely insane to replace a firewall with IDS.
A firewall, by definition, automatically blocks all packets except those that you specifically configure to allow in, and typically uses stateful packet inspection that can go much further up the OSI layer (into layer 7) for "permission to come aboard".
An IDS only listens passively to the network and sends an alert IF it sees something that it is programmed to alert on, typically based on known 'signatures'. This won't protect against unknown (or day-zero) outbreaks because the signature has not been captured and the IDS programmed to look for that new signature.

It's like putting a nice big strong lock on your home's door, then adding a motion-detector sensor and alarm on the inside of your house. If someone does perchance get through the door, you want to know it. Would you leave your door wide open just because you have a motion sensor turned on? Probably not.
Can you do without the motion sensor if you remember to keep the door closed and locked? Perhaps.
It's all relative to the value of what is behind the lock.


0
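
The contrast drawn in the accepted answer (default-deny blocking versus passive signature alerting), as an added example that is not part of the original thread. The allow-list, signatures and traffic are all constructed assumptions, the firewall is simplified to port matching, and the IDS is assumed to sit behind it.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    dst_port: int
    payload: bytes

# Assumed allow-list for a hypothetical site: inbound SMTP and HTTPS only.
ALLOWED_PORTS = {25, 443}
# Assumed signature set: the only patterns this IDS has been taught.
SIGNATURES = {"dir-traversal": b"../../", "cmd-exe": b"cmd.exe"}

def firewall_permits(pkt):
    """Default deny: forward only what an allow rule names (port-only here)."""
    return pkt.dst_port in ALLOWED_PORTS

def ids_alerts(pkt):
    """Passive matching: report known signatures, never drop the packet."""
    return [name for name, pat in SIGNATURES.items() if pat in pkt.payload]

def deploy(packets, firewall, ids):
    """Count what reaches the inside, what alerts, and what arrives unalerted."""
    delivered = alerts = silent = 0
    for pkt in packets:
        if firewall and not firewall_permits(pkt):
            continue  # dropped at the perimeter; the sensor behind never sees it
        delivered += 1
        hits = ids_alerts(pkt) if ids else []
        alerts += bool(hits)
        silent += not hits
    return {"delivered": delivered, "alerts": alerts, "silent": silent}

# Constructed sample traffic, not captured from any real network.
TRAFFIC = [
    Packet(443, b"GET /index.html"),              # normal request, allowed port
    Packet(443, b"GET /../../etc/passwd"),        # known pattern, allowed port
    Packet(23, b"run cmd.exe"),                   # known pattern, closed port
    Packet(445, b"\x00\x01 never-seen-before"),   # no signature, closed port
    Packet(443, b"POST /api never-seen-before"),  # no signature, allowed port
]

if __name__ == "__main__":
    for name, fw, ids in [("IDS only", False, True),
                          ("firewall only", True, False),
                          ("firewall + IDS", True, True)]:
        print(f"{name:15} {deploy(TRAFFIC, fw, ids)}")
```

With the IDS alone, all five packets are delivered and the unknown payload on port 445 arrives without any alert; with both controls, only allowed-port traffic gets in and the known pattern inside it is still reported.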
