IDS Deployment Overview

The decision regarding control strategies, decisions about where to locate elements of intrusion detection systems is an art in itself. Planners should select deployment strategy based on careful analysis of organization’s information security needs but, at the same time, causes minimal impact. NIDS and HIDS can be used in tandem to cover both the individual systems which connect to an organization’s networks and networks themselves.

Deploying Network Based IDSs

NIST recommends 4 locations for NIDS sensors

- Location 1: behind each external firewall, in network DMZ
- Location 2: outside the external firewall
- Location 3: On the major network backbones
- Location 4: On the critical subnets

                                         This Figure given below illustrates the Network IDS sensor Locations.

 

 

                            

Posted Date: 10/9/2012 3:59:49 AM | Location : United States

Ask an Expert

Related Discussions:- Ids deployment overview, Assignment Help, Ask Question on Ids deployment overview, Get Answer, Expert's Help, Ids deployment overview Discussions

Write discussion on Ids deployment overview
Your posts are moderated

Write your message here..

Related Questions

Technology, how can you enter the ASVAB practice test on line? how can you enter the ASVAB practice test on line?

Explain major differences between wpa and wpa2, Question: Suppose the f... Question: Suppose the following brief history of WLAN security standards: When the security of WEP was broken, the industry turned to the IEEE to fix it. The IEEE said it could

Explain the three modes of vtp switches, QUESTION (a) What do you unde... QUESTION (a) What do you understand by a VLAN? Provide one advantage of using a VLAN. (b) What is a trunk port in a VLAN? (c) A VLAN will be created using one or more

AES, define . define .

Why use an ids, WHY USE AN IDS? IDS prevent from problem behaviors by in... WHY USE AN IDS? IDS prevent from problem behaviors by increasing the perceived risk of discovery and punishment. Detect the attacks and other security violations. Detect and at

Virtual terminal protocol vtp, Write down the short notes on VTR.  Communic... Write down the short notes on VTR.  Communication between different types of the equipment and software is made possible by making use of the networks. Full-screen text editor is s

The effect the incident has on your business, QUESTION There are gener... QUESTION There are generally five factors that will influence how you respond to computer security incidents- The effect the incident has on your business Legal issue

Packet filtering firewall-stateless packet filtering, Stateless Packet Filt... Stateless Packet Filtering Stateless or static packet filtering is the most straightforward kind of packet filtering that allows or disallows data transfer based on the addres

Tcp- reliable transport service, TCP-RELIABLE TRANSPORT SERVICE INTRO... TCP-RELIABLE TRANSPORT SERVICE INTRODUCTION:  TCP is the major transport protocol architecture in the TCP/IP suite. It uses unreliable datagram function offered by IP whe

Secure clustering in WSNs, i have an idea of clustering in wsns . where eac... i have an idea of clustering in wsns . where each and every sensor node use the reputation scheme and while clustering provide help against the selfishness atatck of the sensor nod