Memo Essay Example | Topics and Well Written Essays - 2000 words

Memo - Essay Example I've prepared an analysis about the use of vulnerability assessment systems and intrusion detection systems in your company, just like you asked me. You specifically asked whether the use of both systems will be a waste of resources and a duplication of efforts. My analysis suggests that VAS and IDS have separate internal functions for the security of the computer systems and both must be a part of a computer system for complete security control. Vulnerability assessment systems are those security scanning tools that assess level of threat that can penetrate a system. The main job of such tools is to scan networks, servers, firewalls, routers, and applications and report system vulnerabilities. "Generally, the tools can detect known security flaws or bugs in software and hardware, determine if the systems are susceptible to known attacks and exploits, and search for system vulnerabilities such as settings contrary to established security policies". (Becker, 1999) New threats are discovered each day thus the vulnerability assessment tools must be updated regularly. Any new weaknesses such as security flaws and bugs would need to be patched in the system so that no holes left for malwares, viruses, spywares etc. to infect the system. Another feature of a vulnerability assessment system is that it generates reports which can tell a user what and where weaknesses exist and how to fix them. (Becker, 1999) Intrusion Detection Systems Vulnerability assessment is the first step in securing the system from threats by taking appropriate security precautions and patch-ups. However, new threats are raised everyday and some might pass through the vulnerability precautions. Therefore the next logical step is to "monitor the system for intrusions and unusual activities". Intrusion detection systems automatically raise the alarm in case of a security breach and inform the Computer Incident Respond Team for their help. "By analyzing the information generated by the systems being guarded, IDSs help determine if necessary safeguards are in place and are protecting the system as intended". Important to note here is that IDS don't protect the system, they just pinpoint the location of the attack and collect the information related to the attack and the attacker. (Becker, 1999) IDS tools are used by the CIRT to generate both technical and management reports since it provide background information on the type of attack and the attacker. IDS can also give recommendations to the management about the courses of action to take to seal the breach. (Becker, 1999) Example The difference can easily be understood by the following example. Vulnerability assessment just checks how susceptible a person is to catching a cold in winters. The vulnerabilities that the system can find is that not enough warm clothes are worn and heater is not being used. The intrusion detection system checks that cold air in hitting the person directly which may be harmful, and the point of intrusion was the chest of the person. So a person gets the information from the vulnerability system that he needs to have a heater and wear warm clothes and from the intrusion