In that case, I would suggest deploying an IDS with the ability to monitor each of your network segments. Resources...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
permitting, it's a good idea to have the ability to see into each of your zones. This will allow you to monitor traffic that passes between devices within the same zone and never reaches the firewall. Depending upon your data center architecture, it may even be possible to use a SPAN port to provide traffic from more than one zone to the same IDS sensor or network interface card (NIC).
Also consider deploying some intrusion prevention system (IPS) functionality. For more information, read my recent tip entitled "Network intrusion prevention systems: Should enterprises deploy now?".
- Best practices for creating an IDS and maintaining a signature database with Mike Chapple.
- Is it possible to write an IDS using Java? Read more.
Dig Deeper on Network Intrusion Detection (IDS)
Related Q&A from Mike Chapple
It's hard to tell if a company is a HIPAA business associate, but a closer look at HHS documents helps. Expert Mike Chapple discusses a specific case...continue reading
There was speculation in the security world over whether the FedRAMP certification would be helpful or not. Now that it's in full use, Mike Chapple ...continue reading
Medical device companies are part of the health industry, but does that make them a HIPAA covered entity or business associate? Expert Mike Chapple ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.