Provided by: AT&T Intellectual Property
Date Added: Aug 2011
The security of the networking infrastructure (e.g., routers and switches) in large scale enterprise or Internet Service Provider (ISP) networks is mainly achieved through mechanisms such as Access Control Lists (ACLs) at the edge of the network and deployment of centralized AAA (Authentication, Authorization and Accounting) systems governing all access to network devices. However, a misconfigured edge router or a compromised user account may put the entire network at risk. In this paper, the authors propose enhancing existing security measures with an intrusion detection system overseeing all network management activities.