keyboard_arrow_up
Using Cisco Network Components to Improve NIDPS Performance

Authors

Waleed Bul´ajoul1, Anne James1, Siraj Shaikh1 and Mandeep Pannu2, 1Coventry University, UK and 2Kwantlen Polytechnic University, Canada

Abstract

Network Intrusion Detection and Prevention Systems (NIDPSs) are used to detect, prevent and report evidence of attacks and malicious traffic. Our paper presents a study where we used open source NIDPS software. We show that NIDPS detection performance can be weak in the face of high-speed and high-load traffic in terms of missed alerts and missed logs. To counteract this problem, we have proposed and evaluated a solution that utilizes QoS, queues and parallel technologies in a multi-layer Cisco Catalyst Switch to increase NIDPSs detection performance. Our approach designs a novel QoS architecture to organise and improve throughput-forwardplan traffic in a layer 3 switch in order to improve NIDPS performance.

Keywords

Network security, intrusion detection system, network intrusion detection system, open source, Cisco switch configuration & Quality of Service.

Full Text  Volume 6, Number 10