THE BASIC MODES OF THE INTRUSION PREVENTION SYSTEM (IDS/IPS SURICATA) FOR THE COMPUTING CLUSTER
Abstract
This article aims to test the Suricata intrusion prevention system and consider its use as a primary or additional tool for securing the computing cluster. For solve this task, we tested the operation of this system in the IDS and IPS modes. To evaluate the performance of the system under test, the CPU utilization and CPU load average counters were used. The data was obtained through the system of monitoring the data center of the Institute of Physics of the National Academy of Sciences of Azerbaijan on the basis of the ZABBIX platform. In this article, describes the installation of Suricata and the configuration of its main parameters and the possibility of optimizing the operating modes of Suricata is shown depending on the hardware resources, for example, the number of cores. The cloud segment of the data center of the Institute of Physics of the National Academy of Sciences of Azerbaijan was used as a testing ground, which in its turn is a part of the JINR LIT's cloud infrastructure. The results demonstrate the ability of Suricata detecting threats and responding to them in a timely manner, which significantly increases the level of security. In addition, this article shows the capabilities of the cloud segment and the monitoring system of the data center of the Institute of Physics of NAS of Azerbaijan, with the help of which testing was conducted.
References
2. Suricata-ids [электронный ресурс] // URL: https://suricata-ids.org (дата обращения 25.09.2017)
3. Baranov A.V., Balashov N.A., Kutovskiy N.A., Semenov R.N. JINR cloud infrastructure evolution //Physics of Particles and Nuclei Letters. — 2016. — Vol. 13, Issue 5. — P. 672-675.
4. Abdinov O., Bondyakov A., Khalilova Sh., Orujova N. XXIV International Symposium NEC 2013, Conception GRID Infrastructure in Azerbaijan, p.9-12.
5. Bondyakov A.S. Basic directions of information technology in National Academy of Sciences of Azerbaijan // Computer Research and Modeling, 2015, Т.7, №3,С657-660. (in Russian)
6. Bondyakov A.S. CEUR Workshop Proceedings, Vol-1787, urn:nbn:de:0074-1787-5, Инфраструктура и основные задачи дата-центра института физики НАН Азербайджана, P. 150-155 //http://ceur-ws.org/Vol-1787/150-155-paper-25.pdf
7. Opennebula [электронный ресурс] // URL: https://opennebula.org (дата обращения 25.09.2017)
This work is licensed under a Creative Commons Attribution 4.0 International License.
Publication policy of the journal is based on traditional ethical principles of the Russian scientific periodicals and is built in terms of ethical norms of editors and publishers work stated in Code of Conduct and Best Practice Guidelines for Journal Editors and Code of Conduct for Journal Publishers, developed by the Committee on Publication Ethics (COPE). In the course of publishing editorial board of the journal is led by international rules for copyright protection, statutory regulations of the Russian Federation as well as international standards of publishing.
Authors publishing articles in this journal agree to the following: They retain copyright and grant the journal right of first publication of the work, which is automatically licensed under the Creative Commons Attribution License (CC BY license). Users can use, reuse and build upon the material published in this journal provided that such uses are fully attributed.
