Watching the Watchers: Intrusion Detection
Source: Network Computing - Posted by Dave Wreski   
If you're one of the unfortunate souls who has been at ground zero during a high-impact security incident, you know the chaos that often ensues. When the big one hits, it can spawn teams of crazed administrators, flocks of delusional and impatient managers, and swarms of defensive developers. The resulting mess is a veritable rumor committee so poised for explosion that it rivals The National Enquirer in storytelling ability. Such a disaster is often curbed only by hardened incident-response veterans--teams that are as rare as they are essential.

So when wave after wave of IDS (intrusion-detection system) products began to appear, with claims they could detect attacks, log the attacker's traffic, help track the origin of the attack and possibly even stop the attack midstream, both engineers and managers took notice. Perhaps this is what put intrusion-detection products at the top of the security-product deployment charts in our survey of more than 500 organizations earlier this year (see our reader survey from "Best Practices in Network Security"). Such claims are certainly appealing, but they paint only half the picture.

Read this full article at Network Computing
