interfaces allocations?

Unanswered Question
Reza Sharifi Sun, 12/13/2009 - 09:17
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 LAN

Hello alsayed,



IPS/IDS in mostly deployed on the outside perimeter devices and inside of perimeter devices.

Here is a document on understanding IDS/IPS for Defense in Depth:

http://www.sans.org/reading_room/whitepapers/detection/understanding_ips_and_ids_using_ips_and_ids_together_for_defense_in_depth_1381?show=1381.php&cat=detection



HTH

Reza

Reza Sharifi Sun, 12/13/2009 - 10:14
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 LAN

I think if you protect the outside before even getting to DMZ is good enough.  You could add another device in your DMZ, but do you have enough man power to monitor all the devices and go through their logs? Putting a device is not so much of issue, but management and monitoring is.

I have seen when there is too much logs to look at, they don't get look at at all.



Reza

Actions

This Discussion