CCNA study notes on Security Device Manager (SDM)

Security Device Manager (SDM)

1. The following are the important characteristics of SDM (Security Device Manager):

• SDM doesn’t use Telnet/SSH for communicating with the router. Actually, a web server will be running on the router, and the client software will be running on the host computer.

• SDM uses web interface on a PC, and the user needs to connect to the router over an IP network and not through Console.

• The configuration will be written to the router’s running configuration file only after the Finish button is pressed on the SDM wizard. Note that the configuration is not written to the start-up configuration.

• SDM configuration wizard allows DHCP client services to be configured, with an option to add PAT services or not.

2. The Internet architecture provides an unregulated network path to attack innocent hosts. Denial-of-service (DoS) attacks exploit this to target mission-critical services. DoS attacks, are explicit attempts to block legitimate users system access by reducing system availability. Any physical or host-based intrusions are generally addressed through hardened security policies and authentication mechanisms. Although software patching defends against some attacks, it fails to safeguard against DoS flooding attacks, which exploit the unregulated forwarding of Internet packets.

3. An intrusion prevention system is a computer security device that monitors network and/or system activities for malicious or unwanted behavior and can react, in real-time, to block or prevent those activities.

Intrusion Detection Systems (IDS) detect unauthorized access attempts. There are basically two main types of IDS being used today: Network based (a packet monitor), and Host based (looking for instance at system logs for evidence of malicious or suspicious application activity in real time).

Both IPS and IDS are closely related, and IPS is considered as an extension of IDS.

Previous  Up  Next