I'm performing a risk assessment for a commercial IPS deployment at my place of work. The scope of the assessment is limited to how we implemented and deployed the product - not how the product works. Some areas that I will be reviewing include authentication and authorization to the sensors and management systems, backup of data and configuration settings, hardening of the sensors/systems, and best practices such as testing signatures prior to installation into production. I apologize if this is the wrong place to post. I'm looking for input from this list as to current threats against IPS/IDS installations as well as other areas to review during my assessment. Thanks!
------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
