Configure an IDS & IPS

Overview

An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious events or violations of defined policies.

An intrusion prevention system (IPS) is a network security device or software application that examines the flow and content of network traffic and blocks attempts to exploit vulnerabilities.

Set up and configure an IDS and an IPS on your local network. Create a network of host machines and generate network activity. Analyze how the IDS and IPS work.
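
The difference between detection and prevention, as an added example that is not part of the original project brief: one port-scan rule is applied to constructed packet records, first in IDS mode (alert only) and then in IPS mode (alert and drop). The rule, its thresholds, the addresses and the function name `run_sensor` are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample traffic: (timestamp_seconds, source_ip, destination_port).
# 10.0.0.5 is a normal client; 10.0.0.66 touches many ports in quick succession.
SAMPLE_PACKETS = [
    (0.0, "10.0.0.5", 443),
    (0.1, "10.0.0.66", 21),
    (0.2, "10.0.0.66", 22),
    (0.3, "10.0.0.66", 23),
    (0.4, "10.0.0.5", 443),
    (0.5, "10.0.0.66", 25),
    (0.6, "10.0.0.66", 80),
    (0.7, "10.0.0.66", 443),
    (5.0, "10.0.0.5", 80),
]


def run_sensor(packets, mode, max_ports=4, window=2.0):
    """Apply one port-scan rule to packets in 'ids' or 'ips' mode.

    Rule: a source that touches more than max_ports distinct destination
    ports within `window` seconds is flagged. Returns (forwarded, alerts).
    """
    if mode not in ("ids", "ips"):
        raise ValueError("mode must be 'ids' or 'ips'")
    recent = defaultdict(list)   # source -> [(timestamp, port), ...] in window
    flagged = set()              # sources that have tripped the rule
    forwarded, alerts = [], []
    for ts, src, port in packets:
        # An IPS sits inline: traffic from a flagged source is dropped.
        if mode == "ips" and src in flagged:
            continue
        # Keep only this source's events that are still inside the window.
        recent[src] = [(t, p) for t, p in recent[src] if ts - t <= window]
        recent[src].append((ts, port))
        distinct = {p for _, p in recent[src]}
        if len(distinct) > max_ports and src not in flagged:
            flagged.add(src)
            alerts.append((ts, src, sorted(distinct)))
            if mode == "ips":
                continue         # drop the packet that tripped the rule too
        forwarded.append((ts, src, port))
    return forwarded, alerts
```

Both modes raise the same single alert; only the forwarded traffic differs, which is the behaviour to look for when comparing the IDS and IPS in the lab.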

Popular IDS and IPS Software Solutions:

  • SolarWinds Security Event Manager
  • CrowdStrike Falcon (trial)
  • Snort (free)
  • OSSEC (free)
  • ManageEngine EventLog Analyzer

Project Recommendations

You should be familiar with the foundations of networking, network security technologies, network attacks, and the use of virtualization software (a hypervisor), and you should have strong research skills.

Recommended Level

Beginner to Intermediate

Project Author Credit: Grant C.