Implementation of IDS and IPS for Network Security in IT Infrastructure: Design, Configuration, and Evaluation of Intrusion Detection and Prevention Mechanisms
Arafat, Md Yeasin (2025)
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
The permanent address of the publication is
https://urn.fi/URN:NBN:fi:amk-2025052917889
Abstract
In today’s complex networked landscape, both enterprises and individual users face the added challenge of securing their connected devices as such devices become increasingly commonplace. Real-time identification and mitigation of threats are provided by the Intrusion Detection System (IDS) and Intrusion Prevention System (IPS). The proposed IDS and IPS include features such as packet-level filtering, traffic analysis, and the ability to respond in real time; these are tested and verified on IT infrastructure.
The project was implemented with open-source technologies to create a web-based setup that can detect and mitigate network threats such as ICMP ping floods and port scans. A bridge network was set up in a virtualized environment to replicate a production-level inline IPS setup. Tailor-made detection rules were written to detect suspicious activities, and automated alert emails notified administrators as soon as suspicious activity was detected. Extensive testing of the system was carried out to ensure that attack traffic was dropped and the responses logged, demonstrating the system’s operational effectiveness.
I hope this study will help network administrators to test IDS and IPS effectively on their premises using a free-of-cost tool, thus serving as a convincing guide for those organizations that wish to deploy a cost-effective and flexible security model at their network level.