Monitoring Network through SIEM using IDS, IPS and EDR
This project proposes and implements the installation of a SIEM (Security Information and Events Management) solution integrated with IPS / IDS (Intrusion Prevention and Detection Systems) and Firewall for active monitoring of a network. In future, EDR (End-point Detection and Response) System will also be integrated with the SIEM solution.
Securing the cyber space of an organization or a country is of critical importance in this information warfare era. Pakistan is far behind in the race of information warfare and needs a lot of awareness and work to fortify its cyber security. This project aims to implement a complete open-source SIEM solution for real-time network monitoring and to implement security applications including Intrusion Detection and Prevention Systems (IDS / IPS), a fully configured open-source firewall, and a comprehensive End-point Detection and Response System, integrating all of these applications with one complete Security Information and Event Management (SIEM) solution, in an attempt to deploy a complete open-source Cyber Security Operations Centre (Cyber SOC). It will be a step forward in exploring the best available open-source cyber security tools and in implementing fully functional SOCs at small and corporate levels to safeguard the cyber space of organizations and their valuable data.
This will also help us understand how these tools function and how to configure custom security rules for different types of organizational structures, and it would be a way forward for us to indigenously develop our own security applications to maximize our cyber security potential.
The project will be implemented in three phases.
The first phase will be to carry out extensive research on all available open-source tools and to perform a qualitative comparison to choose the best among them.
The second phase will be to deploy Intrusion Detection and Prevention Systems (IDS / IPS) along with a firewall in a test network environment.
The last phase will be to implement an End-point Detection and Response System and to integrate all of these applications with an open-source SIEM.
This fully developed and functional SOC setup will be deployed in a live network environment as a fully functional cyber security setup.
This project will benefit the cyber space of our country. We aim to spread awareness regarding the importance of open-source tools and their usability as a building block towards developing our own cyber security applications and getting rid of dependency on international cyber security companies' products.
According to a finding, most of the firewalls deployed in the Asian region are intentionally left with backdoors that leak data to their manufacturing companies and agencies. Our cyber space can never be safe until we indigenously develop our own systems.
This project aims to deploy open-source cyber security tools and configure them according to our own needs and cyber space requirements.
Later on, we aim to develop our own security tools.
Final deliverable will be a complete Security Operations Centre (SOC) system.
The system will consist of the following fully operational applications / components / appliances / systems / servers:
1. Security Information and Event Management (SIEM) Solution
2. Intrusion Detection System
3. Intrusion Prevention System
4. Firewall
5. Endpoint Detection and Response (EDR) System
| Item Name | Type | No. of Units | Per Unit Cost (in Rs) | Total (in Rs) |
|---|---|---|---|---|
| Switches | Equipment | 3 | 6000 | 18000 |
| Server | Equipment | 1 | 40000 | 40000 |
| Wires | Equipment | 4 | 500 | 2000 |
| Connectors | Equipment | 2 | 1500 | 3000 |
| LAN cables | Equipment | 5 | 200 | 1000 |
| Fiber-optic cable | Equipment | 3 | 2000 | 6000 |
| Tools | Miscellaneous | 2 | 5000 | 10000 |
| **Total (in Rs)** | | | | **80000** |