Network Perimeter Defenses Using Open-Source Software
Keywords:Network security, Virtualization, Firewall, Intrusion Detection, Penetration Testing, Docker, Elastic Stack.
network security role grew exponentially in the late several years, especially with the notable amount of attacks that target all types of organizations and services. Thus, the need for more research on efficient and open source perimeter defense system and packet analysis and are rising. Intrusion detection system can afford significate role in protecting networks by detecting and reporting malicious behaviors. In this paper, an open source-based model was introduced that can provide security monitoring and logging, intrusion detection and prevention, firewall services and packet inspection and analysis. The proposed design provide high visibility and add a security layer to networks and data centers with many use cases such as: network forensics, security analysis, and production deployment. All the components and software were deployed with virtualization and container-based technology to get the benefits of these technologies like cost effective, cloud applicable, and flexible deployment across many hardware requirements. The results show that the proposed design presents detection capability of the attacks and visualization of the network traffic with security controls. This work also aims to accomplishes the OWASP A10:2017 which focus on insufficient logging and monitoring.