This paper explores two types of security systems: firewalls and intrusion detection systems. Both of these systems are used to monitor network traffic using security policies. A firewall system filters out unwanted, possibly harmful elements form the internet to a local network. Basically, firewalls act as barriers that allow some things to pass through and blocks other things. An intrusion detection system is a device on a network or host programmed to find and report intrusive attempts to the network. Both of these systems serve their purpose in keeping the home network safe, and are both extremely useful. Like all systems, these two security programs both have their pros and cons, and they are susceptible to certain attacks. It’s important to understand the function for both of these systems to know how to best utilize them for maximum efficiency and quality.
The 21st century has seen a lot of growth in technology and cyber networking, and this has led to a lot of new jobs and has opened opportunities for new possibilities. However, this has also caused a higher security threat to people’s networking and host systems. Never has there been a time when cybersecurity played an integral role in shaping the world. Some of the most recent examples of this can be drawn from the 2016 election, the Panama Papers, Wikileaks, and the numerous cyberattacks from countries such as China and Russia. Countries seem like they’re in a frenzy to develop the latest, most advanced cybersecurity technologies in order to defend their systems from external threats. Two of the most basic systems are firewalls and intrusion detection systems. While somewhat basic, these systems are extremely useful in defending people’s host networking system and personal information. As the internet expands and people start depending more on cyber-technologies, the ability and up-to-date capabilities of both of these systems will become essential to assuring that people are safe.
Almost every computer has a built-in firewall, and there are many programs that implement firewalls into the system. Firewalls’ main purpose is “to block unauthorized access while permitting authorized communications” (“Difference between Firewall,” n.d.). In other words, firewalls “[stand] between a local network and the Internet, and filter traffic that might be harmful” (“Difference between Firewall,” n.d.).
Once again, firewalls “[let] the things you need through and blocks potential threats before they get a chance to harm your computer” (Bradford, n.d.). Firewalls have both their pros and cons, and it’s important to weigh these factors against each other when deciding if a firewall is needed in a computer system. The pros of a firewall are that they block dangerous elements that come from internet connections and other computers on the same network as the system. While many people overlook it, the blocking technology of the firewall is one of the most important features of this system. In all cases, a user would prefer to prevent viruses and other spying technologies from entering their system than remove it. This is because “some malware and viruses bury themselves so deeply in computers’ system files that anti-virus software isn’t able to fully remove the intruder” (Bradford, n.d.). When this happens, these viruses need to be removed by the user instead of by a program, which is a very risky and dangerous option that can damage the system permanently. Another reason why prevention is better than removal is that certain malware, such as keyloggers, can steal personal information before they are removed; the hacker can view information such as bank information and PIN numbers before the virus is actually removed.
While firewalls seem to be the most go-to virus protection software for regular people and start-up companies, there are some drawbacks of such software. Oftentimes, people have both a firewall and an anti-virus program such as Norton running on their system. Sometimes “poorly designed firewalls tend to block software applications that are completely safe” (Bradford, n.d.). Additionally, some firewalls hinder a system’s ability to do other tasks, and this causes many people to just turn off the firewall. This leaves the system much more vulnerable than before, and can lead to many consequences for the user. Now there are two ways to avoid these two drawbacks of using firewalls, and they’re pretty basic actions. First, free firewall downloads are often ineffective, so users should stick with a product that has a proven track record of stability and effectiveness. Second, checking out a firewall’s testing score from an independent and non-biased company can save the user time, money and a lot of frustrated hours trying to make their system run faster. Therefore, while firewalls have their pros and cons, they are mostly effective when the user takes the proper steps in making sure the system and other security programs are compatible with the firewall.
Intrusion detection systems are installed on a network or a host in order to “detect and report intrusion attempts to the network” (“Difference between Firewall,” n.d.). Unlike firewalls, intrusion detection systems cannot block connection, and instead they alert attempts of intrusion to the administrator. Like firewalls, intrusion detection systems have both pros and cons, and it’s important to understand these in order to create a system that can defend itself. The pros of an IDS are that they can show the user “specific content in network packets” (Lake, 2017). This basically means that the user can uncover these intrusions and perhaps exploit the attacker.
This system can also detect the type of threat and make changes accordingly to itself in order to defend better against this type of threat if it is to be seen later. It also analyzes the attacks to see if there is a better method that can be used to defend against it, and if there is it will make the changes accordingly.
However, there are some cons of intrusion detection systems, and they should be known by the user in order to have a grasp on how to best defend against attacks. For instance, they won’t stop incidents by themselves, and they will often need backup or assistance from other programs. So this means that an IDS would need to “be part of a comprehensive plan that includes other security measures and staff who know how to react appropriately” (Lake, 2017). Lastly, another con about IDS is that they need to be continually updated, more so than firewalls, in order to detect the latest threats. Just like how databases need to be kept up-to-date, these systems need to be kept in best shape in order to register new attacks.
It’s clear that both of these systems are important and play a big role in defending a user’s system from cyberattacks. The firewall screens for foreign agents from the internet that look like threats, and the intrusion detection system is the researcher and the reactor. This means that the IDS looks for better means and methods of dealing with cyber threats while also notifying the owner of any red flags. It’s important to know that both of these systems have integral and important functions, and that they should both be used if someone wants to protect sensitive and personal information. It’s never bad to have more than one security system in place as long as they don’t get in each other’s way.