EXAMINATION OF MODERN CONCEPTS FOR FIREWALLS AND COLLABORATIVE INTRUSION DETECTION

Abstract

Background. Modern firewall systems are compared to classical concepts. The filtering rules are analyzed on the examples of the leading solutions (presented by Gartner Inc.). The collaborative intrusion detection systems and networks as well as the threats based on the insider attacks on CIDN are examined. A common CIDN functionality catalogue is discussed. The aspects of the application of modern systems of network intrusion detection and prevention by the peculiarities of their implementation at different levels are considered in accordance with the model of ISO/OSI. Brief recommendations on the use of known network security solutions in the construction of modern infocommunication networks to overcome various types of threats, in particular DoS type, virus and social engineering, are given. Objective. The aim of the paper is to study the implementation and application of modern concepts of firewalls and collaborative network intrusion detection systems. Methods. The research was carried out based on analysis of a large number of literary sources, the theory of building information security systems and avenues of manufacturers of systems for detecting and preventing network intrusion. Results. The advanced firewalls like SMLIF, IPS, the collaborative intrusion detection systems gain in importance increasingly nowadays. They can be also deployed within the scenarios of NFC and IoT (Internet of Things). The FW and IDS are often combined into individual participating peers (LAN, WLAN, 2G-4G, NFC and Bluetooth) with possibility of collaboration and better prevention of both external and insider attacks. Conclusions. The conducted research indicates the need to improve the implementation of modern network architecture with the use of integrated systems for detecting and counteracting network attacks. Despite the wide variety of network security solutions, this area of research remains relevant and suggests that the development of new concepts for protecting network architectures meets the current state of the industry, is timely and relevant, given the wide range of capabilities and scenarios for malicious intrusions and network system impacts. Keywords: firewall; network attacks; intrusion detection systems; intrusion prevention systems; CIDN.