Is IDS a good way to protect a network

Unanswered Question
Sep 27th, 2001
User Badges:

Is the cisco IDS box a good way to protect a network and how easy is it to maintain.

How does someone keepup with all the new DoS attacks?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
wdrootz Tue, 10/02/2001 - 13:35
User Badges:
  • Bronze, 100 points or more

Because hackers tend to get in anyway (regardless of firewalls and proxy’s), IDS is able to stop them before they can do damage. It is not designed to be the sole security component in your network but an integral part of the picture. Also keeping the signature files up-to-date are as critical as maintaining virus data files.

twiggles Thu, 12/06/2001 - 13:02
User Badges:

The best IDS I've seen is Snort, and it's free too (well...aside from the two weeks to learn how to use it of course). And IDSes are a great weapon in the security toolkit.

As for keeping up with the new attack signatures...well that's a pain in the butt no matter what IDS you use. You obviously don't want to add every signature that comes in an update (looking for Oracle attacks on a network with no DBs is not worth the CPU power).


This Discussion