IDS Deployment Overview

The decision regarding control strategies, decisions about where to locate elements of intrusion detection systems is an art in itself. Planners should select deployment strategy based on careful analysis of organization’s information security needs but, at the same time, causes minimal impact. NIDS and HIDS can be used in tandem to cover both the individual systems which connect to an organization’s networks and networks themselves.

Deploying Network Based IDSs

NIST recommends 4 locations for NIDS sensors

- Location 1: behind each external firewall, in network DMZ
- Location 2: outside the external firewall
- Location 3: On the major network backbones
- Location 4: On the critical subnets

                                         This Figure given below illustrates the Network IDS sensor Locations.

 

 

                            

Posted Date: 10/9/2012 3:59:49 AM | Location : United States

Ask an Expert

Related Discussions:- Ids deployment overview, Assignment Help, Ask Question on Ids deployment overview, Get Answer, Expert's Help, Ids deployment overview Discussions

Write discussion on Ids deployment overview
Your posts are moderated

Write your message here..

Related Questions

Hypothetical reliable data transfer protocol, Hypothetical reliable data tr... Hypothetical reliable data transfer protocol: A jumping window based Go-back-N  ARQ protocol for file transfer using UDP as the transport protocol: In this protocol, a window o

Explain how the framework will align to the model, MB Enterprise Systems Lt... MB Enterprise Systems Ltd based in Mauritius is a company specialized in application development with Europe as the main customer base. The company has implemented CMMI and has rec

How to create a security policy, Five years ago, Calgary Kids' Cloth Ltd wa... Five years ago, Calgary Kids' Cloth Ltd was just a small retail store in downtown Calgary. The company started their own factory in SE Calgary to produce outdoor clothes for kids.

Routing protocol for a banking network, You have been asked to design a Ban... You have been asked to design a Banking Network with two primary types of locations.  Branches that will have 3 subnets, one /25 subnet one /26 subnet for ABMS and one /26 s

Nyquist capacity theorem, (a) Illustrate what you understand by Nyquist Cap... (a) Illustrate what you understand by Nyquist Capacity Theorem? (b) Consider we wish to transmit at a rate of 64 kbps over a 4 kHz noisy but error-free channel. What is the mini

Find the possible deciphering transformations, Question: (a) A string o... Question: (a) A string of ciphertext was enciphered using an a±ne transformation of single letters in a 28-letter alphabet consisting of A to Z, a blank and a?, where A to Z ha

Explain major differences between wpa and wpa2, Question: Suppose the f... Question: Suppose the following brief history of WLAN security standards: When the security of WEP was broken, the industry turned to the IEEE to fix it. The IEEE said it could

Wfabilling project in java, WFABilling project in Java:  Project Title... WFABilling project in Java:  Project Title: WFABilling   Role                      : Developer Domain                 : Tele-Com Environment          : Java, J2EE, S

Calculate the false rejection, Divide the user data into 6 equal sets. Use ... Divide the user data into 6 equal sets. Use the first set for the enrollment phase of your system, and the rest for the verification phase. Use the following formula to calculate t

Cyber security - vulnerabilities, The world has to deal with newly released... The world has to deal with newly released vulnerabilities on a daily basis.  These vulnerabilities eventually lead to active exploits of systems, and it is our job as cyber securit