ABSTRACT
The goal of the network firewall is straightforward. A network firewall protects one part of the network from another by allowing or denying traffic based upon a number of criteria. With security, however, there is always a lingering doubt. How can you know that your firewall is doing its job? How do you know that you have configured the firewall properly in the first place, and how can you know that your firewall is not letting through attacks that you had not foreseen when you first configured it? The device that has traditionally served this purpose is known as an intrusion detection system (IDS).
