In that case, I would suggest deploying an IDS with the ability to monitor each of your network segments. Resources permitting, it's a good idea to have the ability to see into each of your zones. This will allow you to monitor traffic that passes between devices within the same zone and never reaches the firewall. Depending upon your data center architecture, it may even be possible to use a SPAN port to provide traffic from more than...
one zone to the same IDS sensor or network interface card (NIC).
Also consider deploying some intrusion prevention system (IPS) functionality. For more information, read my recent tip entitled "Network intrusion prevention systems: Should enterprises deploy now?".
- Best practices for creating an IDS and maintaining a signature database with Mike Chapple.
- Is it possible to write an IDS using Java? Read more.
Dig deeper on Network Intrusion Detection (IDS)
Related Q&A from Mike Chapple, Enterprise Compliance
Social media compliance is not typically considered a big issue for companies, but expert Mike Chapple explains why it should be.continue reading
Metadata tagging is not just for security. Expert Mike Chapple explains how tagging tools can be used to achieve PCI DSS compliance.continue reading
Before using the HIPAA-compliant cloud services from Google, there are some things companies need to know, according to expert Mike Chapple.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.