What type of IDS (intrusion detection system) should you use?


There are many types of IDSs (intrusion detection systems) to choose from. The first thing you need to do is survey the computer assets you want to secure and identify the most important ones, which should get a higher level of security support. These machines are often the easiest ones to use when making an ROI case to management. New intrusion detection system administrators should begin small, learn, fine-tune, and then grow.

Don’t try to boil the ocean. A HIDS (host-based intrusion detection system) should be used when you want to secure a particular valuable host asset. A NIDS (network intrusion detection system) should be used for general network awareness and as an early warning detector across various hosts.

You must choose an IDS that fits your network topology, operating system platforms, resources, and experience. If you have a significant amount of wireless traffic exposed in public areas, consider investing in a wireless IPS. If you have high-speed links that you need to monitor, make sure your IDS has been evaluated and tested at the same traffic levels.

Should your IDS be based on anomaly or signature detection? If possible, use a product that is based on both. The best IDSs use all methods, merging the strengths of each kind to give a stronger security strategy.
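
The following added example (not from the original article) runs a signature check and a request-rate anomaly check over the same constructed events, showing that each flags a source the other misses. The signatures, addresses, baseline counts and the three-standard-deviation threshold are assumptions chosen for illustration.

```python
import re
from collections import Counter
from statistics import mean, stdev

# Constructed signatures: known-bad patterns matched against each request.
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./"),
    "sqli-union": re.compile(r"union\s+select", re.I),
}

def signature_alerts(events):
    """Return (src, rule) for every event that matches a known pattern."""
    return [(src, name) for src, req in events
            for name, rx in SIGNATURES.items() if rx.search(req)]

def anomaly_alerts(events, baseline_counts, k=3.0):
    """Flag sources whose request count in this window exceeds
    the baseline mean plus k standard deviations."""
    threshold = mean(baseline_counts) + k * stdev(baseline_counts)
    counts = Counter(src for src, _ in events)
    return sorted(src for src, n in counts.items() if n > threshold)

def hybrid_alerts(events, baseline_counts):
    """Union of both methods, keyed by source, with the reason for each alert."""
    alerts = {}
    for src, rule in signature_alerts(events):
        alerts.setdefault(src, set()).add("signature:" + rule)
    for src in anomaly_alerts(events, baseline_counts):
        alerts.setdefault(src, set()).add("anomaly:request-rate")
    return alerts

# Constructed data: requests per source per window during normal traffic.
BASELINE = [4, 6, 5, 7, 5, 6, 4, 5]
# Constructed window of (source address, request line) events.
WINDOW = (
    [("192.0.2.10", "GET /index.html")] * 5                       # normal
    + [("192.0.2.20", "GET /download?file=../../app.conf")]       # known pattern, low volume
    + [("192.0.2.30", f"GET /api/item/{i}") for i in range(40)]   # no known pattern, high volume
)

if __name__ == "__main__":
    for src, reasons in sorted(hybrid_alerts(WINDOW, BASELINE).items()):
        print(src, sorted(reasons))
```
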


Eslam Medhat

is a professional pen-tester with over 9 years of IT experience bringing a strong background in programming languages and application security, ranging from network and system administration to exploit research and development. He reported various vulnerabilities for high profile companies and vendors and was successfully acknowledged by them.
