Security is essential in the e-commerce environment. Customers need to know that their personal information is safe from being intercepted by a third party. If they do not have confidence in the site, they will not be as likely to visit the site, let alone make a purchase. Loses sustained from data breaches involving customer records can also pose a significant liability for the company. Detecting and intrusion is the first step to stopping it. This research will explore the essential hardware and software that is available for intrusion detection on the network.
Need for the System
An Intrusion Prevention System is essential for any e-commerce network, regardless of the size. E-commerce sites are some of the most popular targets for hackers. They often have huge databases of consumer credit card numbers and bank account numbers ready for the harvesting. From 2012 to 2014, data breaches involving e-commerce sites increased 53% (Callard, 2014). Most breaches occurred at the point of sale where customers entered their payment information (Callard, 2014). Many sources of the attacks were outside of the United States, so there was nothing legally that could be done about them (Callard, 2014). It takes average of 14 days for a breach to be discovered, by this time the damage has been done (Callard, 2014).
Use your promo and get a custom paper on
"Security Solutions: Intrusion Detection".
No one can be completely safe. Even big retailers such as Ebay and Target. These merchants have top of the line security systems and they still were hit. Smaller retailers with unprotected systems are the most vulnerable and prized targets by hackers. They are easy to breach due to a lack of security and the hackers can usually get away with everything they are after. No one should do ecommerce without investing in an excellent intrusion prevention system.
The chances of being hit by a data breach continue to escalate. This is the most convincing argument that every ecommerce business needs an IPS. An IPS monitors packets as they pass through it. If it detects an anomaly that differs from normal traffic, it can create an alert or react to it according to protocols (McMillan, 2009). One of the disadvantages of using an IPS is that it can slow down the system (McMillan, 2009). Firewalls block traffic based on set of rules. The problem is that many attacks come in the form of legitimate traffic packets (McMillan, 2009). The IPS system will address anything that looks out of the ordinary. An IPS adds a different way of “thinking” to the detection of breaches. It will often catch things that a standard firewall would let through. A firewall is no longer enough, given the sophistication of the software used by hackers.
Suggested IPS System
There are many different enterprise grade IPS systems available that offer excellent intruder detection and blocking. Next generation firewalls combine the best in firewalls and IPS protection into the same system. This is the recommended choices in the system because it contains an updated firewall. It also had a built-in IPS into the same unit. There are many different versions of next generation firewalls that have this feature.
After careful research and comparison, the Cisco FirePOWER was chosen as the system that would be the most appropriate. The 70000 Series was chosen due to the multiple layers of threat protection that are integrated into the system. (CISCO, 2016). NSS labs rated this system the highest in its security effectiveness score (CISCO, 2016). At present, it is one of the most reliable IPSs on the market. They have high throughputs ranging between 50 MBPS to 1.25 Gbps (CISCO, 2016). This system is unlikely to slow down ecommerce traffic, causing frustrated customers and abandoned shopping carts. The system has a latency of less than 150 milliseconds. It comes with between 4-16 GB of RAM (CISCO, 2016).
An upper end CISCO model is suggested to make certain that it has enough power to meet the needs of the ecommerce site as it grows. In addition, the upper end models have features such as dual power supply, lights out management and up to 5 cooling fans (CISCO, 2016). The upper end models are likely to have the longest product life cycles for the company. The units are easy to deploy and plug into the existing system. No other software is needed with the system. CISCO was also chosen because they are known for excellent customer support.
There is no need to have a group of personnel to monitor the ecommerce site for intrusions. This would be a rather inefficient way to manage intrusion prevention anyway. The CISCO 7000 series comes with updates when new viruses or intrusion techniques become known. The system administrator at the company could easily monitor the system and respond to any warnings that pop up. This intrusion system eliminates the need to hire more people who are dedicated to intrusion prevention. The initial cost of the CISCO 7000 might seem high, but it is rather inexpensive compared to hiring additional security personnel.
The CISCO 7000 is made to provide real time response to an intrusion. It can be configured to respond in various manners to different types of anomalies or threats. If it is found that changes need to be made at a later time, the system administrator can easily make those changes. The greatest advantage of the system is that if unusual activity is detected, then the system will send an alert to the administrator who can then take a closer look and decide what needs to be done. The intrusion will not be discovered long after the damage is done. The best part about the system is that it will increase the chances of stopping an intrusion before the damage has been done and customer records have been compromised. This system allows the company to avoid ever having to deal with a customer data breach.
- Callard, A. (2014, May 21). E-commerce sites involved in most data breaches investigated by Trustware. Internet Retailer. Retrieved from https://www.internetretailer.com/2014/05/21/e-commerce-sites-are-involved-most-data-breaches
- CISCO (2016). CISCO FirePOWER 7000 Series Appliances. Retrieved from http://www.cisco.com/c/en/us/products/security/firepower-7000-series-appliances/index.html
- McMillan, J. (2009). IDFAQ: What is the Difference Between an IPS and a Web Application Firewall? SANS. Retrieved from https://www.sans.org/security-resources/idfaq/what-is-the-difference-between-an-ips-and-a-web-application-firewall/1/25
