TMS zl Management and Configuration Guide ST.1.1.100430

6-3
Intrusion Detection and Prevention
Overview
Networks today are increasingly vulnerable to attacks not only from without
but also from within. Companies often offer access to guests, contractors,
partners, and other less trusted users. In addition, network users are
increasingly mobile, working from home or on the road and roaming between rooms
and even buildings at their company offices. These users connect their devices
to the Internet or other company networks, where they are exposed to viruses
and other malware, and then plug them back into the company network.
The TMS zl Module provides an Intrusion Detection System/Intrusion Prevention
System (IDS/IPS) to secure your network from intrusion attempts,
worms, malware, and denial of service (DoS) attacks—no matter what their
origin.
For more information on IDS/IPSs as well as on the attacks that they combat,
see “IDS/IPS Concepts” on page 6-3.
To learn how to configure the TMS zl Module IDS/IPS, see “Configure IDS/IPS”
on page 6-20.
IDS/IPS Concepts
Hacker attacks, employee threats, virus skirmishes, and battles with worms—
to implement successful network security, you must first understand the types
of attacks that threaten your network. In Chapter 4: “Firewall,” you learned
about several specific attacks. While a list of every attack is beyond the scope
of this (or any) guide, this chapter will explore some of the most common
network attacks.
First, this chapter introduces you to four network attack vectors.
Understanding the origin of an attack and the intentions behind it can help you to
implement the correct type of network protection in the correct network
location.