I have clients with a small-to-medium networking environment. They are monitoring their budget. Is it safe to install...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
snort on a Windows system configured as a domain controller? IDS will be used to monitor the DC instead of the entire LAN segment.
A better question would be why are they trying to use a network intrusion detection system to monitor a host, rather than using a host-based IDS to monitor that domain controller? If they want to monitor the LAN, they should use a separate host. Given that the price of systems advertised in the Sunday paper are often under $500 (after rebates), I fail to see how your clients can't afford to have a separate host for this purpose. If that is too expensive, how are they paying your consulting bill?
Anyway, for host-based IDS, Enterasys and Cisco are among the companies that have HIDS products. I'm sure there are others.
Dig Deeper on Network intrusion detection and prevention (IDS-IPS)
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.