In that case, I would suggest deploying an IDS with the ability to monitor each of your network segments. Resources...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
permitting, it's a good idea to have the ability to see into each of your zones. This will allow you to monitor traffic that passes between devices within the same zone and never reaches the firewall. Depending upon your data center architecture, it may even be possible to use a SPAN port to provide traffic from more than one zone to the same IDS sensor or network interface card (NIC).
Also consider deploying some intrusion prevention system (IPS) functionality. For more information, read my recent tip entitled "Network intrusion prevention systems: Should enterprises deploy now?".
- Best practices for creating an IDS and maintaining a signature database with Mike Chapple.
- Is it possible to write an IDS using Java? Read more.
Dig Deeper on Network Intrusion Detection (IDS)
Related Q&A from Mike Chapple
A proposed cyberattack information database in the U.K. aims to improve cyberinsurance. Expert Mike Chapple explains what collecting data breach ...continue reading
The proposed CFTC regulations on cybersecurity testing are set to finalize in 2016. Expert Mike Chapple discusses the effects these regulations have ...continue reading
Whether Apple is a HIPAA covered entity was called into question when it advertised for a health regulations lawyer. Expert Mike Chapple discusses ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.