Chapter 10: Placement of the Intrusion Detection System


Overview

"Knowing the land is the soldier's best ally; but the power of estimating the adversary, of organizing the victory, and of shrewdly calculating difficulties, dangers, and distances constitutes the test of a great general."

Sun Tzu, "The Art of War."

In using an intrusion detection system within a corporate network, one of the key things to consider is where to place it. Understanding the principles involved in correctly positioning intrusion detection system components (network and system sensors, security scanner agents, and deception systems) will allow you to fully control the most important resources of a protected network. Otherwise, you might encounter a situation in which you are unable to detect certain vulnerabilities or attacks. As a general rule, the IDS components should be placed on network segments or hosts containing critical information resources. I will start this chapter with a brief overview of the preferred location points of IDS network sensors, since this topic is the one that tends to lead to the most questions.




Protect Your Information with Intrusion Detection
Protect Your Information with Intrusion Detection (Power)
ISBN: 1931769117
EAN: 2147483647
Year: 2001
Pages: 152

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net