Intrusion Prevention System (IPS) Design for Cisco Networking CCNA
Added on 2023/05/30
Report
AI Summary
This report outlines the design and implementation of an Intrusion Prevention System (IPS) for a four-building organization with a remote site. The report focuses on deploying Cisco IPS modules in inline and promiscuous modes, configuring LAN switches, and initializing the IPS module. It details the deployment of IPS sensors, switch configurations, and the steps for initializing the IPS module. The discussion section analyzes the strengths and weaknesses of the IPS design, emphasizing its role in blocking malicious traffic and improving network security. The report concludes with a cost analysis of the components required for the IPS implementation, including hardware, software, and distribution switches, along with a list of references.

Cisco Networking CCNA 1
CISCO NETWORKING CCNA
Name
Instructor
Institution
Course
City
Date
Introduction
As shown by the topology diagram, SecureIT Pentesters is located in a four-building
house based in Watford. The organization also operates a remote site. As a computer
security specialist in pen-testing and IPS, I will design an intrusion prevention system to help my
employer carry out a pentest.
An IPS system
Deployment of IPS
In this scenario, the organization needs to deploy Cisco IPS modules in inline mode, which will help in blocking inbound attacks. In addition, the organization needs to install a standalone IPS in promiscuous mode inside the organization network. These two types of IPS ought to be attached to a distribution switch so as to watch any malicious activity traversing the switch. The organization also has to deploy the two types of IPS between the remote site and the campus site to watch over the organization LAN and any traffic that may be coming from the DMVPN connection, from patterns connections or from wireless traffic [2]. In addition to the location, the organization needs to go for the Cisco IPS 4520 sensor. For this type of Cisco IPS 4345, the organization ought to use two 1-gigabit interfaces, each attached to one of the switches using a port channel. Figure 1 shows how the IPS systems are deployed on the topology.
Figure 1: How IPS ought to be deployed
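The port-channel attachment described above can be checked from the switch side. The following is an added example, not part of the original report: it parses a constructed distribution-switch configuration and verifies that the sensor-facing ports form one port channel with two members on different switches. The interface names, channel-group number 13, port descriptions and function names are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample config (not from the report); names and numbers are assumptions.
SAMPLE_CONFIG = """\
interface GigabitEthernet1/0/23
 description IPS4345 G0/0
 channel-group 13 mode on
!
interface GigabitEthernet2/0/23
 description IPS4345 G0/1
 channel-group 13 mode on
"""

IFACE_RE = re.compile(r"^interface\s+(\S+)")
GROUP_RE = re.compile(r"^\s+channel-group\s+(\d+)\s+mode\s+\S+")
DESC_RE = re.compile(r"^\s+description\s+(.*)$")

def parse_interfaces(config):
    """Map interface name -> {'description': str, 'group': channel-group id or None}."""
    ifaces, current = {}, None
    for line in config.splitlines():
        if (m := IFACE_RE.match(line)):
            current = ifaces.setdefault(m.group(1), {"description": "", "group": None})
        elif not line.startswith(" "):
            current = None  # "!" or a new top-level command ends the stanza
        elif current is not None:
            if (d := DESC_RE.match(line)):
                current["description"] = d.group(1).strip()
            elif (g := GROUP_RE.match(line)):
                current["group"] = g.group(1)
    return ifaces

def audit_ips_uplinks(config, sensor_tag="IPS"):
    """Check sensor-facing ports: one port channel, two members, one per switch."""
    groups = defaultdict(list)
    for name, cfg in parse_interfaces(config).items():
        if sensor_tag in cfg["description"]:
            groups[cfg["group"]].append(name)
    findings = [f"{n}: sensor-facing port is not in a port channel" for n in groups.pop(None, [])]
    if len(groups) > 1:
        findings.append(f"sensor ports split across port channels {sorted(groups)}")
    for gid, members in groups.items():
        # Assumption: the first number in the interface name is the stack member (switch) id.
        switches = {re.search(r"(\d+)/", m).group(1) for m in members}
        if len(members) != 2:
            findings.append(f"Po{gid}: expected 2 members, found {len(members)}")
        if len(switches) < 2:
            findings.append(f"Po{gid}: members share switch {sorted(switches)}")
    return findings
```

Pass it the text of `show running-config` from the distribution switch; an empty list means the sensor uplinks match the design.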
Configuring IPS
The very first step is to configure the LAN switch port where the IPS will be
connected, as shown by the snapshot below.
Step 1: Configuring the port where the IPS port is connected, as shown by the snapshot below
Figure 2: Switch port configuration
Step 2: Configuring LAN distribution to allow the management of the IPS modules
Figure 3: LAN Distribution
At this step, initializing the IPS module is also required, i.e. the IPS software module must be initialized, which prepares the IPS for configuration. This is followed by a line of commands that configure the IPS module so that it can load the integrated system image disk and then boot the software [3]. The commands are shown in the figure below. The last line is used to verify that the IPS module status is up.
Figure 4: Verifying the IPS module
Step 3: Initializing the Intrusion Prevention Module
At this step, one is required to verify the IPS module status, which is then followed by
preparing for configuration completion [4].
Figure 5: Initializing the IPS module
Discussion of the design
This design implements a basic IPS deployment. The IPS that has been deployed plays a very important role in identifying and blocking malicious traffic. Another strength of the IPS deployed in this scenario is its capability of improving the security and availability of the organization's services. In addition, the IPS is capable of identifying problems and issues occurring on the organization LAN. One of the weaknesses of this system is that an IPS can block an activity on the organization network just because it is out of the normal, as it assumes that the activity is malicious, which in turn causes a denial of service [5].
Some of the strengths of this design are that, by implementing IPS, the system is capable of evaluating and assessing system and user activities. In addition, this design is capable of identifying configuration-type attacks and checking abnormal activity patterns. Also, the system is capable of monitoring user policy violations and identifying network intrusions [6].
Total installation cost
The following table shows the total cost of implementing this design.

| Component | Number of components | Unit cost | Total cost |
|---|---|---|---|
| Hardware and Software VPN | 3 | $4000 | $12000 |
| Router | 4 | $250 | $1000 |
| Switch | 4 | $200 | $800 |
| IPS | 6 | $1000 | $6000 |
| Distribution switches | 5 | $500 | $2500 |
References
[1] T. Lammle, J. Gay and A. Tatistcheff, SSFIPS: Securing Cisco Networks with Sourcefire... by Todd Lammle, Chicago: Indianapolis, 2016.
[2] A.-S. K. Pathan, The state of the art in intrusion prevention and detection, Boca Raton: CRC Press, 2011.
[3] J. R. Vacca, Network and system security by John R Vacca, Amsterdam: Boston: Syngress, 2014.
[4] A. Ghorbani, W. Lu and M. Tavallaee, Network intrusion detection and prevention: concepts... by Ali Ghorbani, New York: Springer, 2010.
[5] M. Shannon, CISA: Intrusion Detection and Intrusion Prevention by Michael Shannon, New Hampshire: Skillsoft Corporation, 2010.
[6] Sullivan, Advanced Host Intrusion Prevention with CSA, New York: Cisco Press, 2014.