Intrusion detection software best practices

If you or your organization is planning on implementing some form of intrusion detection software, it’s imperative to first understand the requirements and scope of the project. Depending on the size of your organization, you might not have a ton of resources to throw at standing up an IDS or IPS in your environment. 

While many different commercial vendors offer intrusion detection capabilities in their solutions, it’s important to first understand your needs and goals.

There are open source technologies available which we will dive into more in future articles, but most commercial offerings tend to be expensive. The cost associated with these technologies typically come from the following components:

Product fees (software license costs or hardware/appliance costs)    Implementation fees (professional service fee for setup and configuration) Maintenance (who on your team is responsible for maintaining the tool?) Tuning (who on your team is responsible for properly tuning the system?) Responding (who is actually using the tool to detect threats?)   Intrusion detection product fees

If you are not using open source software such as Snort, Suricata, etc., you will have to go with a commercial vendor. In later articles, we will discuss the benefits and downsides of using

Read More: