Re: Ideal IDS/IPS




You can also check if the IDP has a NIC bypass feature which actually makes the IDP work as normal switch (no traffic monitoring) in case of a power failure.


Thanks & Regards,
Nikhil Manampady,
Security Consultant,
Paladion Networks.




On Thu, Jun 2, 2011 at 8:50 AM, snort user <snort.user@xxxxxxxxx> wrote:

What would we like to have in an ideal IDS/IPS system? I am not
restricting the list to existing approaches such as signature based,
anomaly based, statistical or specification based IDS. Just trying to
get the wish list sort of. Any feedback is much appreciated.

Low false negatives   - maximize detection and prevention of
intrusions, detect zero day attacks, detect variations
Low false positives   - don't waste analyst time
Ease of use           - installation and configuration
Low resource usage    - minimize resource usage, degrade gracefully
when resource usage exceeds limits
High Performance      - good scalability with increasing network speeds
Stability, Robustness - no crashes, and resistance to attacks againt IDS
Minimal ongoing maintainence - Run with minimal human supervision

Thanks

-----------------------------------------------------------------
Securing Your Online Data Transfer with SSL.
A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate on your web server, you can securely collect sensitive information online, and increase business by giving your customers confidence that their transactions are safe.
http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a17f194




-----------------------------------------------------------------
Securing Your Online Data Transfer with SSL.
A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate on your web server, you can securely collect sensitive information online, and increase business by giving your customers confidence that their transactions are safe.
http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a17f194