Home > Ask the Security Experts > Ask the Experts Questions & Answers > Using an IDS to monitor the domain controller
Ask The Security Expert: Questions & Answers
EMAIL THIS

Using an IDS to monitor the domain controller

Stephen Mencik EXPERT RESPONSE FROM: Stephen Mencik

Pose a Question
Other Security Categories
Meet all Security Experts
Become an Expert for this site


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


>
QUESTION POSED ON: 14 September 2004
I have clients with a small-to-medium networking environment. They are monitoring their budget. Is it safe to install snort on a Windows system configured as a domain controller? IDS will be used to monitor the DC instead of the entire LAN segment.

>

A better question would be why are they trying to use a network intrusion detection system to monitor a host, rather than using a host-based IDS to monitor that domain controller? If they want to monitor the LAN, they should use a separate host. Given that the price of systems advertised in the Sunday paper are often under $500 (after rebates), I fail to see how your clients can't afford to have a separate host for this purpose. If that is too expensive, how are they paying your consulting bill?

Anyway, for host-based IDS, Enterasys and Cisco are among the companies that have HIDS products. I'm sure there are others.


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED CONTENT
Ask the Experts
Information security training in Europe
Should I go for a CISSP or a BS7799?
What should I focus on in IT school to land a job doing network security when I graduate?
Which route should I take in the information security field?
Should my server have one or two NICs?

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
Browse our Expert Advice



Find Security Solutions for Your Business
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts