In it's simplest form, IDS has three parts. Hardware sensors are placed on the LAN where you want to monitor traffic, Host based sensor software is loaded on critical servers, and a management server is needed to log the data generated, present it in a usable format, and to set the paramaters for responding to an intrusion. The IDS sensor configuration in it's simplest form can be found at http://www.cisco.com/en/US/products/sw/secursw/ps2113/products_installation_guide_chapter09186a00800b459c.html. Your IDS manager configuration will vary depending on the platform your running it on.
Bob
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.