Objective 3.2: Specialized Network Devices
Objective 3.2: Identify the functions of specialized network devices
An Intrusion Detection System (IDS) is software and/or hardware designed to detect unwanted attempts at accessing, manipulating, and/or disabling of computer systems, mainly through a network, such as the Internet. An intrusion detection system is used to detect several types of malicious behaviors that can compromise the security and trust of a computer system. This includes network attacks against vulnerable services, data driven attacks on applications, host based attacks such as privilege escalation, unauthorized logins and access to sensitive files, and malware (viruses, trojan horses, and worms). An Intrusion Prevention System is a network security device that monitors network and/or system activities for malicious or unwanted behavior and can react, in real-time, to block or prevent those activities. Network-based IPS, for example, will operate in-line to monitor all network traffic for malicious code or attacks . When an attack is detected, it can drop the offending packets while still allowing all other traffic to pass. Intrusion prevention technology is considered by some to be an extension of intrusion detection (IDS) technology.
A proxy server is a server that makes Internet connections on behalf of the client PCs. All the requests for Internet access that are made by a client on a network are executed by the proxy server. In other words, a proxy server acts as a point of contact between a private network and a public network such as the Internet.
Using a proxy improves the control administrators have over the network because proxies can be configured, among other things, to prohibit access to non-business-related sites or to restrict Internet access to groups that do not need it. Also the overall performance of the network is increased due to the proxy's ability to cache the pages that users view the most. Another advantage is the record keeping capabilities of the proxy server. This is used by organizations to monitor the use employees make of the Internet, as it records the requests made along with the time and duration of those requests.