Managing Intrusion Detection Systems in Large Organizations, Part One

by Paul Innella
Sept. 24, 2017

With industry’s widespread adoption and integration of intrusion detection, it has become clear that intrusion detection systems (IDSs) are an integral part of an organization’s infrastructure. Large government organizations and major companies have deployed, or are in the process of deploying, enterprise-wide IDS solutions. As they begin to roll out and subsequently administer IDSs, companies are experiencing numerous obstacles related to deployment, management, data collection, and data correlation. We put this two-part series of articles together to discuss our experiences working with larger organizations so that we may all learn and benefit from them. As security professionals, we are bound to protect the confidentiality of our clients, and thus the names of these parties will not be disclosed in this article. This series will discuss the need for IDSs, deployment challenges, managing agents in a distributed environment, and the use of collected data. It will also discuss some “re

2flash 7 months, 1 week ago

Very good guide for those working in cyber security I believe! This is both useful and interesting!