13.3 Detecting and Mitigating Threats

Video Transcription
Hello. Welcome back to Cisco Certified Design Associate, Module 13, Lesson 13.3. I'm your instructor, Wing.
In the previous video, we talked about trust and identity technologies. In this video, we will begin to introduce detecting and mitigating threats.
Here's the pre-assessment question: Which of the following can be used to perform firewall filtering with the use of ACLs? Select all that apply. A. ASA, B. IPS, C. ASA SM, D. All of the above.
We go with A and C. Cisco firewalls, switch modules, and ASA SM security appliances all support firewall filtering with ACLs.
Here's the topic we will discuss.
The use of threat detection and mitigation techniques enables early detection of and notification about unwanted malicious traffic. The goals are to detect, notify, and help stop unforeseen and unauthorized traffic.
These techniques help increase the network's availability, particularly against unidentified and unexpected attacks.
Threat detection and mitigation solutions include the following.
Endpoint protection: Viruses and worms can create havoc by propagating infections from host to host throughout the network. Antivirus services can help hosts detect and remove infections based on known virus pattern markings.
Application security and content security defense: Several new application-layer network products have been released that help address new classes of threats, such as spam, phishing, spyware, packet abuse, and unauthorized point-to-point file sharing. Content security products such as Cisco WSA appliances provide comprehensive antivirus, antispyware, file-blocking, antispam, URL-blocking, and content-filtering services. These products supplement traditional firewalls and intrusion prevention system (IPS) solutions with more granular traffic inspection services, thereby quarantining traffic so that it does not propagate throughout the network.
Infection containment: The Cisco ASA, ASA Services Module, and IOS firewalls protect the network by creating security zones that partition the network into separate segments. The firewall services provide perimeter network security but do not eliminate the need for continuous network monitoring. As part of the Cisco SAFE architecture, Cisco ISE can be used in the perimeter to perform policy-based admission control, thus reducing potential threats.
Inline IPS: Cisco has innovated in the area of IPS by being the first to incorporate IPS into the IOS on routing and switching platforms. In addition, IPS solutions have inline filtering features that can remove unwanted traffic, with programmable features that classify traffic patterns. Cisco IPS can identify, analyze, and stop unwanted traffic from flowing on the network.
Intrusion prevention and intrusion detection systems are network security devices that proactively identify and block security threats. Today's security threats are far too complex to be secured by a single security device. Although security techniques such as access control, firewall services, and device hardening help protect the network from attacks, they cannot provide adequate protection from fast-moving malware or zero-day attacks. Network security must adapt to these threats, and new network designs should include IDS and IPS that have features that can detect and block these new and evolving threats.
Both IPS and IDS look at packet payloads and compare them against the security signatures that they know about. Intrusion prevention systems are classified into two categories.
Intrusion detection systems (IDS) are passive devices that monitor traffic and generate alerts or logs when suspicious traffic is detected from attacks such as reconnaissance or DoS attacks. Since the IDS devices are only analyzing traffic flows, there is no impact at all on network performance.
Intrusion prevention systems (IPS) are active devices that not only can detect but also block malicious traffic from coming into the network. For the IPS to actually block traffic, it has to be deployed in inline mode, where traffic is forced through the IPS. That way, the IPS can detect and prevent suspicious traffic in real time from accessing the internal network.
IPS/IDS technologies are commonly deployed as sensors, and they are available in many options. IPS sensors can be deployed on dedicated hardware appliances or using IPS software on routers, switches, or firewall modules. Both IPS and IDS technologies need to be able to detect malicious traffic, which has unique characteristics identified through the use of signatures.
A signature is a set of rules that IPS/IDS sensors use to detect suspicious activity during network attacks. Signatures can detect viruses, malware, and protocol anomalies.
Sensors are tuned to detect irregular traffic patterns or viruses by matching a signature.
Both IPS and IDS can be used together to increase security by providing extra visibility into the traffic flows. Because an IDS has zero impact on the network, it can be used to do deeper packet inspection in more areas within the network, and the IPS can be used for the most critical parts of the network. This table outlines the pros and cons of IDS and IPS devices.
FirePOWER IPS. The growth of data center resources, along with increased security policy complexity, is driving the need for next-generation security services. A comprehensive set of security capabilities is needed to combat advanced data security threats, in addition to firewall security services.
Cisco ASA clustering, along with the FirePOWER service modules, provides increased security capabilities and simplicity to help mitigate these challenges.
FirePOWER module features and benefits for Cisco ASA appliances include the following. Next-generation intrusion prevention system (NGIPS) provides threat protection and contextual awareness. URL filtering provides over 80 categories and millions of URLs for filtering. Application Visibility and Control (AVC) provides over 3000 application-layer and risk-based controls. Advanced Malware Protection (AMP) provides malware detection and blocking.
The Cisco Web Security Appliance (WSA) is designed to monitor and mitigate abnormal web traffic between users and the public Internet. WSA appliances provide web filtering, malware protection, identity-based policies, and SSL offload services.
Cisco WSAs are available as physical hardware appliances or as virtual Cisco WSA appliances.
The WSA acts as a web proxy for the corporate users residing on the internal network segments and is logically placed in the path between the users and the Internet. There are three ways to implement a WSA, two of which require Internet browser customizations.
This table describes the WSA mode options.
Learning check question number one: Which Cisco security appliance acts as an SMTP gateway for the enterprise? A. Cisco ISE, B. Cisco ESA, C. Cisco ASA, D. Cisco WSA. We go with B, right?
Cisco ESA is a firewall and threat-monitoring appliance for SMTP-based traffic on TCP port 25.
Question number two: Which application can provide AAA services for Cisco devices? A. Cisco FirePOWER, B. TACACS+, C. IP SLA, D. Cisco TrustSec. We go with TACACS+.
In today's brief lecture, we discussed detecting and mitigating threats.
Any questions? Feel free to contact me. Otherwise, I will see you in the next video. Bye for now.