Thanks Keith for your simplicity :) I have a question. Where do I place my IPS system in the network if I need to protect both my DMZ and Local Network? Or do I need to purchase 2 hardware ?
well i wanted to thank you aboute the video, but i really didn't get it well aboute the signatur mach & anomaly detection :( so please if you can help me more with another video or anything you see it good enough,,,,, i'm a beginner in this formation. please i need it soon :) and thank you again.
Hi Mimi- A signature is a pre-defined pattern, that an IPS/IDS can use to compare against the traffic it sees. If the traffic matches the pre-defined signature, the IPS/IDS can generate an alarm to indicate a signature match has occurred. Typically the signatures are configured to match on malicious traffic. Anomaly detection uses a baseline, such as how many 1/2 formed TCP connections (or scans) are in place at any given time, and then if traffic becomes abnormal (from that baseline) that could trigger an alert based on the anomaly. There are also options for anomalies based on the expected normal behavior of protocols. If you haven't already, check out the CISSP course at CBTNuggets.com If you are not yet a member, check us out for free with the 7 day free trial option, and enjoy the videos. Thanks, Keith
You just wasted my time. I irritate when instructors talk about theory .As if they talk a tale . There are hundreds of IDS and IPS theory materials on google.
Never heard anyone so stoked about this stuff.
This was great it explained my entire 30 page chapter into something a visual learner could understand! Thank you!
Glad it was helpful!
x2
Oh man, that was brilliantly explained! Cleared up so many concepts, good stuff broseph!
Best trainer ever. Thank you for the clear explanation Keith.
1:51 Came here praying u at least explain about span port and inline port and u explained it splendidly.
you are awesome man the way you are teaching sounds like you are enjoying by yourself to teach whatever you are teaching...thumbs up
He sounds like he's dubbing an anime!
Keith is awesome though, one of their best for sure!
This channel is from the heavens!!
A very descent and informative video it is. Thanx for this man .. Dont stop making such noble clips
Thank you for a short but clear explanation.
Thanks Keith for your simplicity :)
I have a question.
Where do I place my IPS system in the network if I need to protect both my DMZ and Local Network? Or do I need to purchase 2 hardware
?
You can create multiple vlan pairs using a single appliance and have your ips inline on both networks
You explained how IDS detects malicious behavior such as signature and anomaly match. But how does IPS actually prevent that malicious behavior??
Simple and clear. Best thing? I can explain it easily.
Wow easy to follow and engaging! Also easy on the eyes.
Would't it be easier to just use a FW with UTM? or is IPS.IDS builtin on the FW?
Great Video, thanks
I love the explanation simple and understanding
very good video, simple and detailled at the same time, thank you !
Very well explained, i have one doubt, clipping is set manually or automatically?
loved the video
Thanks!
This was great, thank you.
Simple and sweet, give you the thumb up.
This is great, thank you.
Thank you for this! so clear.
thank you so much sir, looking forward for more knowledge from you
Thanks Sir
Thanks very much for the clear explanation. I like it.
very informative
Excellent I like you presentation
well explained
Thanks
awesome
Great (Y) thank you :D
well i wanted to thank you aboute the video, but i really didn't get it well aboute the signatur mach & anomaly detection :( so please if you can help me more with another video or anything you see it good enough,,,,, i'm a beginner in this formation. please i need it soon :) and thank you again.
Hi Mimi-
A signature is a pre-defined pattern, that an IPS/IDS can use to compare against the traffic it sees. If the traffic matches the pre-defined signature, the IPS/IDS can generate an alarm to indicate a signature match has occurred. Typically the signatures are configured to match on malicious traffic.
Anomaly detection uses a baseline, such as how many 1/2 formed TCP connections (or scans) are in place at any given time, and then if traffic becomes abnormal (from that baseline) that could trigger an alert based on the anomaly. There are also options for anomalies based on the expected normal behavior of protocols.
If you haven't already, check out the CISSP course at CBTNuggets.com If you are not yet a member, check us out for free with the 7 day free trial option, and enjoy the videos.
Thanks,
Keith
***** thank youuuuuuuuuuuuuu
i'll visit you ;)
Grazie mille
And I'd like to thank You for this informative vid' !
thanks
good vid
super
_nice_
i am a man and i wanna marry you sir
omg got this explanation is a mess i rather watch Theory of relativity formulas then this
You just wasted my time. I irritate when instructors talk about theory .As if they talk a tale . There are hundreds of IDS and IPS theory materials on google.
Thanks