Technology Insider: Network-based intrusion-detection systems

Network-based IDSs are designed to sit on your network, monitor traffic and send alarms whenever suspicious behavior occurs. Sounds like a fairly simple marching order, but our monthlong test of eight of these products show that setting up IDSs requires a substantial time investment to ensure they'll flag only suspicious traffic and leave everything else alone.

Crying wolf: False alarms hide attacks
Eight IDSs fail to impress during the monthlong test on a production network.

IDS glossary
If IDS terminology is alphabet soup to you, our glossary of IDS-specific tags will help in the translation.

Deployment tips
If you're considering installing an IDS product on our network, read our IDS deployment tips to help reduce the number of false positives - attacks that don't really exist - reported by your IDS.

See also:

Security breaking news
Keep up to date on the latest threats to your net.

Network World's Security and Bug Patch Alert newsletter
Get the latest information on security and bug alert announcements and fixes from major vendors.

Network World on Security newsletter
Stay current on security challenges and solutions, and get strategic insight into the future of information security.

Security research page
Get up to speed on security issues, including intrusion detection, hackers and other subjects.

NSA helped with Windows 7 development 11/18/2009

National Cybersecurity Awareness Month: Wait until next year! 11/16/2009

Washington Watch National ID Program in Deep Trouble, as Budget Is Cut 40% 11/16/2009

Powered by Inform