In a Communication network, an advanced security system should include three security processes, namely a packet filter (Firewall), an Intrusion Detection System (IDS), and a Covert Channels Detection System (CCDS). The Firewall filters the incoming and outgoing network traffic. The IDS detects and stops attacks, such as Denial of Service (DoS) attacks. Covert channels allow individuals to communicate undetectable and exchange hidden information. A CCDS detects and stops covert channels. However, till now, security systems do not include dedicated processes for covert channel detection. In this paper we propose an optimized order regarding the execution of the three processes, and evaluate the system's performance when the LAN network is under different types of attacks. The results show that the proposed order enhances the processing time performance of the system.