Ids deployment overview, Computer Network Security

IDS Deployment Overview

The decision regarding control strategies, decisions about where to locate elements of intrusion detection systems is an art in itself. Planners should select deployment strategy based on careful analysis of organization’s information security needs but, at the same time, causes minimal impact. NIDS and HIDS can be used in tandem to cover both the individual systems which connect to an organization’s networks and networks themselves.

Deploying Network Based IDSs

NIST recommends 4 locations for NIDS sensors

- Location 1: behind each external firewall, in network DMZ
- Location 2: outside the external firewall
- Location 3: On the major network backbones
- Location 4: On the critical subnets

                                         This Figure given below illustrates the Network IDS sensor Locations.

 

 

                             441_IDS Deployment Overview.png

Posted Date: 10/9/2012 3:59:49 AM | Location : United States







Related Discussions:- Ids deployment overview, Assignment Help, Ask Question on Ids deployment overview, Get Answer, Expert's Help, Ids deployment overview Discussions

Write discussion on Ids deployment overview
Your posts are moderated
Related Questions
SECURING THE COMPONENTS Computer can be subject of an attack or the object of an attack. When subject of an attack, computer is used as lively tool to conduct attack. The figure

Network security is an issue for companies regardless of whether they participate in electronic commerce; however, since most organizations have a Web site that allows some interac

QUESTION a) A switch basically operates by forwarding frames from one part of the network to another, based on MAC address. Describe the three types of switching namely store

FIREWALL ANALYSIS TOOLS There are a number of tools automate remote discovery of firewall rules and assist the administrator in analyzing rules Administrators who feel wary of u

PARSING IPv6 HEADERS Base header is fixed in size i.e. 40 octets. NEXT HEADER field in the base header describe kind of header and it seems at end of fixed-size base header. S

Short term Scheduler function , also shown as a dispatcher runs most frequently, and creates the finest-grained decision of which program could run next. This scheduler is called

Firewalls A firewall in an information security program that prevents specific types of information from moving between the outside world and the inside world. The firewall may

Question : (a) "Pulse Code Modulation (PCM), as used in telephony, samples a signal at 8 kHz using 256 quantization levels". Outline how this scheme works with the help of ske

QUESTION: (a) Below is a capture of an Ethernet II frame which contains an IPv4 packet and a TCP segment. Give the source MAC address for the frame in hexadecimal; the sourc

Innovative nature of triple key management The triple key management scheme provides secure services by combining different techniques whic contribute to the security and priv