NIDS hardening is usually very straightforward. NIDS generally don't support any ancillary services, so they are fairly easy to secure. The primary hardening task is to ensure that the detection interface is not reachable at L3 and that the management interface connects directly back to a trusted location within your management network. This way, the NIDS should be difficult to access from the location in which you are likely to see the most attacks.
The second main step includes the more traditional hardening functions for any system. Enable logging, set passwords, use SSH, disable unneeded services (if any), and configure NTP.
Configuration commands for the Cisco Intrusion Detection System (IDS; version 4.0 was tested for this book) are based on a simple menu system accessed by connecting to the console port on the device. After logging in (user: cisco, password: cisco), you are then prompted to change the password. Initial configuration is launched by typing setup. Here you can set the following:
After entering these initial values, the IDS sensor can be managed from the IDS management system either embedded on the sensor or at a central location, depending on the size of your deployment.
For more details on the initial configuration of a Cisco IDS sensor, see the guide for getting started at the following URL: http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids9/15282_01.htm.
Part I. Network Security Foundations
Network Security Axioms
Security Policy and Operations Life Cycle
Secure Networking Threats
Network Security Technologies
Part II. Designing Secure Networks
General Design Considerations
Network Security Platform Options and Best Deployment Practices
Common Application Design Considerations
Identity Design Considerations
IPsec VPN Design Considerations
Supporting-Technology Design Considerations
Designing Your Security System
Part III. Secure Network Designs
Edge Security Design
Campus Security Design
Teleworker Security Design
Part IV. Network Management, Case Studies, and Conclusions
Secure Network Management and Network Security Management
Appendix A. Glossary of Terms
Appendix B. Answers to Applied Knowledge Questions
Appendix C. Sample Security Policies
INFOSEC Acceptable Use Policy
Guidelines on Antivirus Process