Chapter 16. Intrusion-Detection System

Part VI, "Managing Access Through Routers," covered Cisco IOS features and tools that you can use to manage traffic better as it travels through your router. That part focused primarily on authentication: lock-and-key ACLs, authentication proxy, and routing authentication with MD5. This part focuses on detecting and, in some cases, preventing certain kinds of attacks, as well as logging information to help you determine when and how an attack occurred.

This chapter focuses on the capability of the Cisco IOS to detect attacks with the intrusion-detection system (IDS) feature of the Cisco IOS Firewall. The following topics are covered in this chapter:

  • IDS introduction

  • IDS signatures

  • Cisco router IDS solution

  • IDS configuration

  • IDS examples