Software Requirements Specifications

For In-line Prevention System

Introduction:
Security is a big issue for all networks in today's network environment. Many methods have been developed to secure the network infrastructure and communication over the Internet. One relatively new one is In-line intrusion prevention system. The IPS

Placed between Trusted network and Untrusted network .The IPS It is one type of Network
Based Prevention solution using Snort and Deter lab.

Product Scope:
IPS is a network based intrusion prevention system aimed to provide accurate and real-time network intrusion prevention solution to network based known attacks and IPS can provide security such as the best can do to improve the security of the system is place them behind filters Then the Network Prevent from the malicious events without modify the existing Network.

System Features
1. Analyze the network traffic and capture the Data

Functional Requirements:
REQ-1: login deter lab with user name and password REQ-2: Open The SEER and Experiment swapped in, open SSh terminal and putty on Linux Ubuntu REQ-3: Connect to router.[experiment name].[project name].isi Must follow this syntax REQ-4: Use command-line tool called TCPDUMP It's a very common and useful tool for looking at network traffic .

REQ-5: One of the most important thing need, especially Snort in IPS mode, is a really big
reasonably fast hard drive for storing data as log files or in a database, to need a lot of space to store all

2. Active mode:
Functional Requirements:
REQ-1: User is asked for username and password

REQ-2: User is given to enter his login name and password failing which the screen is locked
and alert is generated in the form of a popup box . REQ-3: After verifying the login, the user is granted access to the front end of the Inline Prevention system

REQ-4: The interface has commands for starting the detector. The interface also displays the
number of packets sessions, graphically, arriving in the adopted timeframe and locked text box to show current statistics of normal and incoming profile. REQ-5: If an malicious attacks occurs the pop-up box appears along with a alert to the

administrators of a network.
REQ-6:If the user presses the start button the detector starts executing and looking for misdirected traffic. REQ-7: If the user presses stop, the detector stops working.

REQ-8: Once a user logs out he is asked to provide the login information again to access the
application.

Other Nonfunctional Requirements

I.

Performance Requirements: The system has very high protection rate (i.e., no less than 99%) in any circumstances. Similarly the system has very low false alert rate (i.e., no more than 1%) in any circumstances.

II. Safety Requirements: There are no specific safety requirements associated with the proposed system. The IPS is composed of well known and commonly used hardware which

does not cause any safety hazards. SEERGUI cannot attach with experiment then relogin.
III. Security Requirements: Only authorized personn are allowed to use the product and go through selection procedures. In case of forgotten passwords contact the developers. Similarly, changing the features of the solutions at runtime also requires password based authentication.

IV. Software Quality Attributes:

o Reliability: IPS should provide reliability to the user that the product will run available and executing perfectly o o o Accuracy: IPS should be able to reach the desired prevention level Resources: IPS should use minimal resources in terms of memory, time and CPU. User Friendliness: IPS should have a graphical user interface with user friendly menu with SEER.

V . Business Rules
IPS is most suitable for network administrators of large enterprises. The product should be
used with precaution to avoid loss of data with less cost. Major advantage is without modify the old data or network providing security.

Thanking you !