Académique Documents
Professionnel Documents
Culture Documents
Scenario
A small company is using the topology shown below to secure its intranet while providing a lesssecured environment to its eCommerce DMZ server. The company is concerned that firewalls
are not enough to detect and prevent network attacks. Hence, deployment of sensors to
intrusion detection systems (IDS) and/or intrusion prevention systems (IPS) are needed in the
network. Your job is to provide recommendations, including a network design with IDS/IPS, that
meet the companys requirements.
Initial Topology
Companys Requirements
1. Detect any malicious traffic entering the e-commerce server without performance penalty
LAN).
4. Stop any traffic entering the File Server in MKT LAN.
5. Deploy a centralized database and analysis console in the intranet to managing and
monitoring both IDS and IPS sensors.
Task 3Conclusions
#3. Describe in two paragraphs your learning experience in this lab.
References:
1. SANS Institute. Network IDS & IPS Deployment StrategiesWebliography
2. Paquet, C. (2012). Implementing Cisco IOS network security (IINS) foundation learning
guide (2nd ed.). Indianapolis, IN: Cisco Press.