Section 01: IDS, IPS, Firewall and Concepts

Concepts

IDS (Intrusion detection system)

An intrusion detection system (IDS; also intrusion prevention system or IPS) is a device or software application that monitors a network or systems for malicious activity or policy violations.

Honeypot

In computer terminology, a honeypot is a computer security mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems. Generally, a honeypot consists of data (for example, in a network site) that appears to be a legitimate part of the site which contains information or resources of value to attackers.

NAC (Network access control)

Network access control (NAC) is an approach to computer security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement.

Firewall

In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network, such as the Internet.

DMZ (Demilitarized zone)

In computer security, a DMZ or demilitarized zone (sometimes referred to as a perimeter network or screened subnet) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to an untrusted, usually larger, network such as the Internet.

NAT (Network address translation)

Network address translation (NAT) is a method of mapping an IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device.

VPN (Virtual private network)

A virtual private network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.

Links

• https://en.wikipedia.org/wiki/Intrusion_detection_system

• https://en.wikipedia.org/wiki/Honeypot_(computing)

• https://en.wikipedia.org/wiki/Network_Access_Control

• https://en.wikipedia.org/wiki/DMZ_(computing)

• https://en.wikipedia.org/wiki/Firewall_(computing)

• https://en.wikipedia.org/wiki/Network_address_translation

• https://en.wikipedia.org/wiki/Virtual_private_network