Q

Buy vs. build: Choosing an enterprise intrusion detection system

When it comes to intrusion detection systems, should you buy or build? In this SearchSecurity.com Q&A, network security expert Mike Chapple explains when an enterprise should use a commercially supported product.

Under what circumstances would you recommend building your own intrusion detection system (IDS)?
Generally, I'm a fan of the "buy vs. build" philosophy, and I recommend the use of commercially supported products in enterprise environments. In most cases, it's simply more cost-effective to use a product that has manufacturer support available. Many administrators find the notion of calling for support a blow to their egos, but that's a misguided philosophy; technical support should be viewed as a direct pipeline to expert knowledge, rather than a last-ditch 911 call.

Some organizations, like schools and other non-profits, may have volunteers available to spend time maintaining a system, or simply don't have the funds to purchase and maintain a commercial IDS. In such cases, building an intrusion detection system may be a viable option.

If you do choose the "build it" route, go with a mainstream tool. Enterprises around the world, for example, deploy the open-source Snort IDS. The intrusion detection system's rule updates are available for free, but with a 30-day delay. If you're willing to spend a few hundred bucks a year, however, you can purchase a real-time rules subscription. There's also a huge community that provides a free support resource through forums on the Snort Web site.

More information:

  • Check out SearchSecurity.com's Snort Intrusion Detection and Prevention Guide.
  • Learn how to use wireless IDS/IPS.
  • This was first published in July 2007

    Dig deeper on Network Intrusion Detection (IDS)

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close