Jennifer-
Don't forget another important thing to ask about IDS... what to do with all
the data it generates. I see you are requesting something that goes to a
syslog server... do you already have tools in place to analyze that data?
IDSes (especially those placed outside a FW) generate a ton of data. Making
sense out if it is extremely difficult if you are already short on
resources. (Who isn't?) Coorelation between (multiple) IDS engines and
Firewalls is key, and software vendor solutions in this space are still in
their infancy.
If you are especially short on resources, you may want to considering
outsourcing your security monitoring to a third party.... in which case you
want to pick the MSSP before picking your IDS.
If you just need to have an IDS because your CXO said "we need to have an
IDS" then Snort at $0 seems to be the best bang for your buck nowadays.
Cheers.
-Nicole
_________________________________________________________________
MSN 8 with e-mail virus protection service: 2 months FREE*
http://join.msn.com/?page=features/virus
- RE: Need recommendations about IDS Systems Ivan Coric
- RE: Need recommendations about IDS Systems Chris Berry
- RE: Need recommendations about IDS Systems Benjamin Meade
- RE: Need recommendations about IDS Systems Moeckel, Sharon
- RE: Need recommendations about IDS Systems Trevor Cushen
- RE: Need recommendations about IDS Systems Ivan Coric
- RE: Need recommendations about IDS Systems Nicole Nicholson
- RE: Need recommendations about IDS Systems Mike Heitz
- RE: Need recommendations about IDS Systems Mel
- RE: Need recommendations about IDS Systems Daniel R. Miessler
- RE: Need recommendations about IDS Systems James Taylor
- Re: Need recommendations about IDS Systems Talisker
