Systém prevence proti narušení

Abstract

Firewall and intrusion prevention system can itself be implemented as hardware or software deployed in the form. The primary purpose of these is the firewall determine how network traffic is able to pass. While intrusion prevention system reveals undesirable activity, such as unsuccessful attempts to connect to remote service or obtaining information about internal networks, protocols, applications. At an event in response to the actions defined by internal rules. The thesis describes the basic principles of firewall and intrusion prevention system. Mentioned are the different types of address translation and port on the firewall and various analyzes of the data capture, procedures for making their own rules and formats of alerts. Describes the installation of services running in the proposed network, which is striving for safety communication, create rules on the firewall and intrusion prevention system. To verify the functionality and protection provided was transferred to several types of attacks by penetrating instruments.