There are several lines of defense available to network and security administrators, including intrusion prevention and detection technologies. The activities and tools that are available to monitor and test the security levels on a modern network are varied. They range from free open source to very expensive and sophisticated technologies. They come in single-use solutions and best-of-breed solutions, which are typically suites of network management applications that perform a variety of activities.
In this assignment, you explain various monitoring tools and methods available to network administrators.
Write 3–4 pages in which you consider the following aspects of network monitoring:
Choose a common packet inspection tool and explain how it works to mitigate threats.
Describe three criteria that a network or security administrator might use when selecting a network monitoring tool.
Describe a security policy that is designed to ensure that an organization’s information is not compromised by internal IT staff.
Sample Solution
Network monitoring is a crucial element of an organization’s IT security strategy because it allows administrators to proactively identify and mitigate potential threats before they become serious issues. One of the most commonly used packet inspection tools for detecting and preventing malicious activity is an Intrusion Detection System (IDS). An IDS works by scanning all incoming and outgoing traffic on a network to recognize suspicious patterns or abnormal behaviors that may indicate malicious intent. It can also alert system administrators when unusual activity is detected, allowing them to take immediate action in response. Additionally, this tool can be configured to block certain types of traffic from entering the network if necessary (Yu 2020).
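The three behaviours described above (matching suspicious patterns, flagging abnormal behaviour, and alerting or blocking) can be shown in Python. This is an added example, not part of the original sample solution; the signatures, the port-scan threshold, the `inspect` function and the sample traffic are all constructed assumptions.

```python
from collections import defaultdict

# Constructed signatures (hypothetical): payload pattern -> (action, description)
SIGNATURES = {
    b"/etc/passwd": ("drop", "path traversal attempt"),
    b"' OR '1'='1": ("alert", "SQL injection probe"),
}
PORT_SCAN_THRESHOLD = 5  # distinct destination ports per source (assumed value)


def inspect(packets):
    """Return (verdicts, alerts): a pass/drop verdict per packet and alert messages."""
    ports_seen = defaultdict(set)
    flagged_scanners = set()
    verdicts, alerts = [], []
    for src, dst_port, payload in packets:
        verdict = "pass"
        # Signature-based detection: known-bad byte patterns in the payload.
        for pattern, (action, desc) in SIGNATURES.items():
            if pattern in payload:
                alerts.append(f"{src}: {desc}")
                if action == "drop":
                    verdict = "drop"  # prevention mode: block this packet
        # Anomaly-based detection: one source probing many distinct ports.
        ports_seen[src].add(dst_port)
        if len(ports_seen[src]) > PORT_SCAN_THRESHOLD and src not in flagged_scanners:
            flagged_scanners.add(src)  # alert once per source, not per packet
            alerts.append(f"{src}: possible port scan")
        verdicts.append(verdict)
    return verdicts, alerts


# Constructed sample traffic: (source IP, destination port, payload)
SAMPLE = [
    ("10.0.0.5", 80, b"GET /index.html HTTP/1.1"),
    ("10.0.0.9", 80, b"GET /../../etc/passwd HTTP/1.1"),
    ("10.0.0.7", 80, b"GET /item?id=1' OR '1'='1 HTTP/1.1"),
] + [("10.0.0.8", port, b"") for port in (21, 22, 23, 25, 80, 443)]

if __name__ == "__main__":
    verdicts, alerts = inspect(SAMPLE)
    for packet, verdict in zip(SAMPLE, verdicts):
        print(verdict, packet)
    print("\n".join(alerts))
```

Only the signature marked `drop` blocks traffic; the other signature and the port-scan rule raise alerts and let the packet through, which is the difference between detection and prevention modes.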