Technology Insider: Network-based intrusion-detection systems

Network-based IDSs are designed to sit on your network, monitor traffic and send alarms whenever suspicious behavior occurs. Sounds like a fairly simple marching order, but our monthlong test of eight of these products show that setting up IDSs requires a substantial time investment to ensure they'll flag only suspicious traffic and leave everything else alone.

Crying wolf: False alarms hide attacks
Eight IDSs fail to impress during the monthlong test on a production network.

IDS glossary
If IDS terminology is alphabet soup to you, our glossary of IDS-specific tags will help in the translation.

Deployment tips
If you're considering installing an IDS product on our network, read our IDS deployment tips to help reduce the number of false positives - attacks that don't really exist - reported by your IDS.

See also:

Security breaking news
Keep up to date on the latest threats to your net.

Network World's Security and Bug Patch Alert newsletter
Get the latest information on security and bug alert announcements and fixes from major vendors.

Network World on Security newsletter
Stay current on security challenges and solutions, and get strategic insight into the future of information security.

Security research page
Get up to speed on security issues, including intrusion detection, hackers and other subjects.

Corporate security and the climate crisis 10/2/2008

EU calls for help to protect IT infrastructure 9/16/2008

US border agency says it can seize laptops 8/1/2008

Powered by Inform