RE: How does and IDS help to save money??

From: McCammon, Keith (
Date: 04/15/02

Date: Mon, 15 Apr 2002 16:57:26 -0400
From: "McCammon, Keith" <>
To: "Bryan Burns" <>, "Shripal Meghani" <>, <>

This is based on the assumption that the IDS actually stops the threats,
which isn't always the case. An IDS can only stop attacks if it's
manned by
a full-time security expert who can react instantaneously and
to all incidents. If such a person even existed, she would cost a lot
than your IDS software..

Sorry that I wasn't clear. I should have been less specific, in

Anyway, I was trying to get him to see the big picture, and realize that
the safeguard itself was actually irrelevant to the questions that he
was asking. If he wants to convince management of anything, he needs to
assign value to his assets, and then look at the operating cost of all
of the available safeguards in comparison. He may be able to justify
nothing more than a simple firewall, or he may be able to justify a
full-blown firewall/IDS/integrity solution. But when you're talking to
management about security, you're talking about acceptable risk. And
management isn't going to spend $20K to protect something that's worth

Relevant Pages

  • Re: [fw-wiz] RE: In defense of non standard ports
    ... > professionals with some pull with management. ... This is the frustration of many technical security professionals. ... Deploying IDS doesn't help this issue long-term. ... Not show them how valuable their firewall investment is? ...
  • Re: IDS Stealth Mode
    ... the IDS would have to be compromised in order to give the attacker access to the same L2 ... Have your management interface terminate on a "DMZ" or other type of restricted network, ...
  • Re: Triggering IDS
    ... something similar to let you see what happens when your IDS triggers? ... vulnerability management needs. ... Download FREE whitepaper on how a managed service can help you: ...
  • IDS Management/SIM Systems
    ... Information Management System that integrates monitoring capabilities of ... What IDS are you using and why concern for SNMP ... However an organisation which is running a NMS might wish to incorporate IDS, ...
  • Re: Recommending an IDS system
    ... I'm running a smaller setup than your old employer attempted to run. ... re: Cisco IDS, I have a few things to say about Cisco's product: junk. ... but the management of the signatures and ...