THE BASIC MODES OF THE INTRUSION PREVENTION SYSTEM (IDS/IPS SURICATA) FOR THE COMPUTING CLUSTER
Journal Title: Современные информационные технологии и ИТ-образование - Year 2017, Vol 13, Issue 3
Abstract
This article aims to test the Suricata intrusion prevention system and consider its use as a primary or additional tool for securing the computing cluster. To solve this task, we tested the operation of this system in the IDS and IPS modes. To evaluate the performance of the system under test, the CPU utilization and CPU load average counters were used. The data was obtained through the monitoring system of the data center of the Institute of Physics of the National Academy of Sciences of Azerbaijan, which is based on the ZABBIX platform. The article describes the installation of Suricata and the configuration of its main parameters, and shows the possibility of optimizing the operating modes of Suricata depending on the hardware resources, for example, the number of cores. The cloud segment of the data center of the Institute of Physics of the National Academy of Sciences of Azerbaijan, which in turn is a part of the JINR LIT cloud infrastructure, was used as a testing ground. The results demonstrate the ability of Suricata to detect threats and respond to them in a timely manner, which significantly increases the level of security. In addition, this article shows the capabilities of the cloud segment and the monitoring system of the data center of the Institute of Physics of NAS of Azerbaijan, with the help of which testing was conducted.
Authors and Affiliations
Aleksey Bondyakov