I've been a member and viewer of Antionline for sometime now but until this point have not been inclined to participate (other than the obligatory 'Hi everyone I'm a new member' post) because 1 - I didn't really work in IT Security and 2 - Whenever someone asks a question they receive top drawer ‘articles’ (!) masquerading as fixes, advice and security mantras from the plethora of expert forum members. I just read the replies with my jaw wide open.
Didn’t know whether to put this in the newbie or IDS forum but as I’m not entirely a newbie to security thought I would go for this one.
The main reason I use the site & forum is to try and educate myself a little, an instructor on a Cisco PIX course pointed me to the site last year. Since then I've started the CCSP certification track and have passed the PIX and Secur exams.
Anyway, my situation has recently changed a little and I am due to start a new position in my company's security practice which I am absolutely thrilled about. Well pleased anyway….
I start in March and my only brief to this point is that I will be involved in IDS Design and Firewall Design. I was wondering if any of you guys or ladies could give me some advice on any preparation work I could do so I have a chance of hitting the ground running or at the very least limping. I don't have any IDS experience to date but during the last month (since I knew I had secured the role) I've gone through some of the Cisco IDS CCSP training guides to familiarise myself with that product. I've also got a couple of books on Snort and plan to install this myself on a lab at home to mess around with it and get used to this offering.
I'm also aware that some of the networks that are currently supported by the organisation use the ISS RealSecure product so any advice on where I could learn about this would be appreciated.
I’ve also gone through some Ethical Hacking computer based training which was absolutely fascinating and I would recommend to anyone working in security because looking at it from the other side of the firewall really opens your eyes and to quite honest is kind of ….sexy….. Sort of makes me feel like I’m a law abiding cop trying to keep out the underworld full of Russian hacking teams and International terrorists!
I have more experience with Firewalls although I would still greatly appreciate any advice on the design aspect of these in a security solution. Until now I've been more of a support type person so now I'm getting the opportunity to move into design I want to cover all angles so any advice from the esteemed members of this forum would be gratefully received!
So in short… Can anyone give me some advice on IDS Design and on Firewall design? Please?
Thanks in advance, Goz.