Can an IPS collect information of all layers like like which protocol and port numbers are being used or it can only sniff till layer 3 detail ?
Home > IT Answers > Security > Can an IPS collect information of all layers ...
Rahul Shrivastava
330 pts.
0
Q:
Can an IPS collect information of all layers like like which protocol and port numbers are being used or it can only sniff till layer 3 detail ?
Intrusion detection, Intrusion prevention systems, IPS
Hi. I have a scenario where an IPS is connected to the switch and is monitoring all the ports of it. I would like to know that whether this device can capture information till layer 3 (network layer) or it can capture full details of all seven layers, like which application, protocol and port is being used ? Thanks.

your responses awaited.
Cheers.
ASKED: Apr 1 2009  6:49 PM GMT
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
RELATED QUESTIONS
0
Bigitgeek
30 pts.
0
A:
 RATE THIS ANSWER
0
Click to Vote:
  •   0
  •  0
  • AddThis Social Bookmark Button
The IPS should be able to see above layer 3. Layer 4 is where the session information resides - so it could tell the difference between UDP & TCP for example. It should be state-aware like a firewall. See the wikipedia article on Intrusion Prevention Systems

IPS systems analysis all packets which are not encrypted. If you would would like to capture those packets you can do with the IPS or an ASA. Wireshark is free to download for the file analysis.
Last Answered: Jul 29 2009  3:20 PM GMT by Bigitgeek   30 pts.
Latest Contributors: Labnuke99   26290 pts.
  •   
0
0
RSS - Discussions Help
Discuss This Answer:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _



0