Summary | Intrusion Prevention Fundamentals

Before you embark upon a HIPS deployment, you should have realistic expectations about what is involved. This chapter used a realworld HIPS product as an example to illustrate the decisions that need to be made at each phase in a HIPS deployment. CSA deployment has seven major phases:

Step 1.	Understand the product
Step 2.	Predeployment planning
Step 3.	Implement management
Step 4.	Pilot
Step 5.	Tuning
Step 6.	Full deployment
Step 7.	Finalize the project

Understand the Product

The first task in any HIPS deployment is to make sure you fully understand the product you intend to deploy.Review Chapter 5 and Chapter 6, so that you are familiar with the potential components, capabilities, and benefits of the HIPS products. Then, determine which components, capabilities, and benefits your product has specifically. Also be sure to investigate the product's management capabilities.

Predeployment Planning

The planning phase of a HIPS deployment should occur before anything has been implemented. During this phase, you should address the following:

Review the security policy Determine what, if any, impact your corporate security product has on the HIPS implementation.
Define project goals Decide what the goals are for the implementation.
Select and classify target hosts Decide which and what types of hosts are to have an agent.
Plan for ongoing management Begin to plan for post-implementation of the product.
Choose the appropriate management architecture Design the management solution.