If a tree falls in a forest with no-one to hear it, does it make a sound? So goes a typical zen-like philosophical question. While it's thought-provoking, what does it have to do with Intrusion Detection Systems (IDS)? Simple – if you're not there to watch the tree fall, do you need to know whether it fell or not? The same principle applies with IDS.
There's a forest of threats to your network out there. Do you set the IDS to watch every tree, and risk getting lost in the detail? Or do you focus only on the trees you think represent the biggest threats, and risk missing an attack?
There's no easy answer. What's more, IDS are known for producing false positives. They can miss new attacks. They need regular care and maintenance. But IT's plate is usually full with other issues, like software management, backups, AV issues, VPNs, firewalls, spam filtering and more.
Read this full article at SC Magazine
|
|
Only registered users can write comments.
Please login or register.
Powered by AkoComment!