Ids deployment overview, Computer Network Security

IDS Deployment Overview

The decision regarding control strategies, decisions about where to locate elements of intrusion detection systems is an art in itself. Planners should select deployment strategy based on careful analysis of organization’s information security needs but, at the same time, causes minimal impact. NIDS and HIDS can be used in tandem to cover both the individual systems which connect to an organization’s networks and networks themselves.

Deploying Network Based IDSs

NIST recommends 4 locations for NIDS sensors

- Location 1: behind each external firewall, in network DMZ
- Location 2: outside the external firewall
- Location 3: On the major network backbones
- Location 4: On the critical subnets

                                         This Figure given below illustrates the Network IDS sensor Locations.

 

 

                             441_IDS Deployment Overview.png

Posted Date: 10/9/2012 3:59:49 AM | Location : United States







Related Discussions:- Ids deployment overview, Assignment Help, Ask Question on Ids deployment overview, Get Answer, Expert's Help, Ids deployment overview Discussions

Write discussion on Ids deployment overview
Your posts are moderated
Related Questions
Write down the significance of the syntax conversion . Syntax Conversion is described below: Syntax conversion is a significant function carried out in the presentation layer. I

(a) What are the different architectures for wireless networks? (b) Explain how WEP authentication and encryption works, describe the vulnerability. (c) In what ways are secu

COLLISION DETECTION The signals from two devices will interfere with each other and the overlapping of frames is known a collision. It does not cause to the hardware but data

Consider the details of the X.509 certificate shown below. a. Identify the key elements in this certificate, including the owner''s name and public key, its validity dates, the nam

Using the selected approach, you should then conduct an audit or review of the information security issues associated with the use of computing facility and report on the findings.

According to the case, The EZ Company introduced a new technology, focusing on the principles of informationintegration and visualization. The company started negotiatinga saleto a

Ethernet is a commonly used LAN technology. It was discovered at EXROX PARC(Palo Alto Research Center) in 1970s.Xerox, Intel and Digital described it in a standard so it is also kn

SDES encryption and decryption

Protocols for Secure Communications Securing Internet Communication by using S-HTTP and SSL Secure Socket Layer (SSL) protocol is a protocol that uses public key encryption t

FRAGMENTATION AND PATH MTU IPv6 source is responsible for fragmentation. Routers simply drop datagrams bigger than network MTU. So source have to fragment datagram to arrive d