I've found a nice article about IDS (Intrusion Dection System) and NIDS (Net Intrusion Dection System) and how to plan a helpful use of it:
QUOTE
Checklist for Deploying an IDS
by Andy Cuff
last updated December 30, 2003
1.0 Introduction
Installing a Network IDS (NIDS) onto a network requires a significant amount of thought and planning. In addition to the technical issues and product selection there are resource issues, from product cost to manning the sensor feeds and supporting the infrastructure that must also be considered.
The scope of this article considers the worst case scenario, that of deploying a NIDS on a remote network (target). The introduction of an IDS into a organization's network can be sensitive and often has political implications with the network staff, and thus a checklist written from the perspective of an outside consultant (even if the IDS is deployed internally) that appeases all parties can be useful to ensure a successful implementation.
While this topic is broad, there's sufficient information and planning required to form the basis of the checklist. If you are unfamiliar with the terminology in this article, please refer to my previous SecurityFocus articles [A to H] [I to Z] on IDS terminology.
Source:
http://www.securityf...om/infocus/1754
by Andy Cuff
last updated December 30, 2003
1.0 Introduction
Installing a Network IDS (NIDS) onto a network requires a significant amount of thought and planning. In addition to the technical issues and product selection there are resource issues, from product cost to manning the sensor feeds and supporting the infrastructure that must also be considered.
The scope of this article considers the worst case scenario, that of deploying a NIDS on a remote network (target). The introduction of an IDS into a organization's network can be sensitive and often has political implications with the network staff, and thus a checklist written from the perspective of an outside consultant (even if the IDS is deployed internally) that appeases all parties can be useful to ensure a successful implementation.
While this topic is broad, there's sufficient information and planning required to form the basis of the checklist. If you are unfamiliar with the terminology in this article, please refer to my previous SecurityFocus articles [A to H] [I to Z] on IDS terminology.
Source:
http://www.securityf...om/infocus/1754
Greetz
B. Udo
