Deployment of Intrusion Prevention System on Multi-Core Processor Based Security Hardware
International Journal of Computer Networks & Communications (IJCNC), 10 (3):
13-26 (May 2018)DOI: 10.5121/ijcnc.2018.10302
Abstract
After tightening up network perimeter for dealing with external threats, organizations have woken up to the threats from inside Local Area Networks (LAN) over the past several years. It is thus important to design and implement LAN security strategies in order to secure assets on LAN by filtering traffic and thereby protecting them from malicious access and insider attacks. Banking Financial Services and Insurance
(BFSI) industry is one such segment that faces increased risks and security challenges. The typical architecture of this segment includes several thousands of users connecting from various branches over Wide Area Network (WAN) links crossing national and international boundaries with varying network speed to access data center resources. The objective of this work is to deploy LAN security solution to
protect the data center located at headquarters from the end user machines. A LAN security solution should ideally provide Network Access Control (NAC) along with cleaning (securing) the traffic going through it. Traffic cleaning itself includes various features like firewall, intrusion detection/prevention, traffic anomaly
detection, validation of asset ownership etc. LANenforcer (LE) is a device deployed in front of the data center such that the traffic from end-user machines necessarily passes through it so that it can enforce security. The goal of this system is to enhance the security features of a LANenforcer security system with Intrusion Prevention System (IPS) to enable it to detect and prevent malicious network activities. IPS is
plugged into the packet path based on the configuration in such a way that the entire traffic passes through the IPS on LE.