The Cisco IOS Firewall IDS feature is supported on Cisco Router platforms. It is ideal for any network perimeter and especially locations in which along with a router, additional security check is required between network segments. As an imperative Security control, It also protects intranet and other semi secure zones like DMZ and Extranet.
The Cisco IOS Firewall IDS feature identifies 59 of the most common attacks using “signatures” to detect patterns of misuse in network traffic. The signatures represent severe breaches of security and the most common network attacks and information-gathering scans.
When Cisco IOS IDS is enabled, Cisco IOS Firewall is automatically enabled. Thus, IDS uses Cisco IOS Firewall default parameter values to inspect incoming sessions
In global configuration Mode:
To validate the configuration, we need to create a network attack using ICMP protocol (denial of service attack) from remote Server to R1 Router as below –
Now you can verify the detail information about this ICMP DOS attack using any syslog server, here we can view the information about the ICMP DOS attack.