Eliminating IDS Babble
Source: InfoSec Magazine - Posted by Jen Olson   
Simply put, there are as many different IDS applications as there are attack vectors (figuratively speaking, of course). As many organizations have discovered, multiple IDS solutions are needed to monitor different platforms and networks. This diversity inhibits enterprise-wide pooling and correlation of attack data. Although its work is far from complete, the Intrusion Detection Exchange Format working group (IDWG) in April released a revised draft of its Intrusion Alert Protocol (IAP). The group eventually hopes to create a protocol that will enable the easy exchange and analysis of attack data from multiple IDSes.

The specification authors write that IAP will support "the transmission of alert data from an intrusion detection sensor/analyzer, which detects a potential intrusion, to a manager, that displays the alert to a human, logs it to a database or takes appropriate action."

Read this full article at InfoSec Magazine
