Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

Is IDS a good way to protect a network

Is the cisco IDS box a good way to protect a network and how easy is it to maintain.

How does someone keepup with all the new DoS attacks?


Re: Is IDS a good way to protect a network

Because hackers tend to get in anyway (regardless of firewalls and proxy’s), IDS is able to stop them before they can do damage. It is not designed to be the sole security component in your network but an integral part of the picture. Also keeping the signature files up-to-date are as critical as maintaining virus data files.

Community Member

Re: Is IDS a good way to protect a network

The best IDS I've seen is Snort, and it's free too (well...aside from the two weeks to learn how to use it of course). And IDSes are a great weapon in the security toolkit.

As for keeping up with the new attack signatures...well that's a pain in the butt no matter what IDS you use. You obviously don't want to add every signature that comes in an update (looking for Oracle attacks on a network with no DBs is not worth the CPU power).

CreatePlease to create content