1 / 11

Five steps to IDS success

Five steps to IDS success. Rebecca Bace President/CEO Infidel, Inc. Venture Consultant, Trident Capital infomom@infidel.net. Overview of today’s discussion. The five steps to IDS success Step 1 – Assessing your needs Step 2 – Assessing your resources

mordecai
Download Presentation

Five steps to IDS success

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Five steps to IDS success Rebecca Bace President/CEO Infidel, Inc. Venture Consultant, Trident Capital infomom@infidel.net

  2. Overview of today’s discussion • The five steps to IDS success • Step 1 – Assessing your needs • Step 2 – Assessing your resources • Step 3 – Selecting the IDS that represents the best fit • Step 4 – Tuning the IDS to your environment • Step 5 – Using what the IDS tells you (Response) • Bonus round – Loose ends and ongoing debates

  3. The five steps to IDS success • Intrusion detection is an established solution. • Adding IDS to your enterprise can be frustrating and costly. • Success depends on making clear decisions about which IDS you use and how you use it.

  4. Step 1 : Assessing your needs • What are your goals and constraints? • Acceptable risk levels • Do they differ for different parts of the enterprise? • Legal and regulatory requirements • Organizational culture • Buttoned down vs. free spirits • The nature of assets you need to protect • Connectivity • Data assets

  5. Step 2 : Assessing your resources • What is your technology budget? • Can you acquire additional funds when you need them? • What is your level of personnel support? • What is your level of authority within the organization? • Do you report to the CEO/CIO or further down the management stack? • Do you have a security policy? A security program? Enforcement authority?

  6. Step 3 : Selecting the IDS that represents the best fit • Passive or active monitoring • What type of detection analysis? • Signature/pattern recognition • Model-based • Anomaly-based • Software or hardware form factor • Sensor placement • What about IPS?

  7. Step 4 : Tuning the IDS to your environment • How do you configure and tune the IDS you’ve selected? • What are product features and support provisions to assist you in this configuration? • Eliminating false positives • Is a monolithic IDS installation the right fit for your environment?

  8. Step 5 : Using what the IDS Tells You (Response) • IDS logs (and what to do with them) • On the importance of using report generation features • Retention policies for IDS output • Feedback constructs for IDS processes

  9. Bonus round : Loose ends and ongoing debates • To SIM or not to SIM? • How do you scale IDS across enterprises? • How is IDS strategy affected by modern trends? • Deperimeterization • Mobile Computing • Is IDS here to stay?

  10. Questions, anyone? Submit your questions by entering them in the text field on the lower right corner of your screen.

  11. Thank you for participating in today’s webcast. For more information on IDS best practices and to access this webcast on demand, visit our Featured Topic: www.searchSecurity.com/FeaturedTopic/IDSbestpractices Contact Rebecca Bace at infomom@infidel.net

More Related