NETWORK SECURITY TACTICS
How to limit false positives in IPSes
Jonathan Hassell
07.18.2005
Rating: -4.25- (out of 5)
|
As intrusion-prevention systems (IPSes) are increasingly deployed in corporate datacenters and network edges around the world, the issue of false positives grows. A false positive is any alert that indicates nefarious activity on a system that, upon further inspection, turns out to represent legitimate network traffic or behavior. Too many false positives can reduce the intrinsic value of the data received from the system and can become a problem as netwo
To continue reading for free, register below or login
To read more you must become a member of SearchSecurity.com
rk attacks increase over time (think of The boy who cried wolf). Let's take a look at five ways to reduce false positives in IPSes.
About the author
Jonathan Hassell, a systems administrator and IT consultant in the Charlotte, N.C. area, is the author of several books, including Hardening Windows and Managing Windows Server 2003. He regularly speaks at conferences and contributes articles on Windows administration and network security.
|
|
Rate this Tip
|
To rate tips, you must be a member of SearchSecurity.com.
Register now
to start rating these tips. Log in if you are already a member.
|
DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.
|
|
|
|
|
|
|
