About the White Paper:
In this paper, we'll look at the types of alarms that are returned by intrusion-detection systems (IDS) and their relative value. We will begin by offering some definitions of IDS alert terminology, and we'll conclude by outlining some ways you can assess the value of the information that is returned from your individual network. In between, we will examine some of the issues that crop up when testing IDS: How do you determine what tests are even worth throwing against an IDS, and what should you expect them to return? Bearing in mind that IDS is a technology that is evolving rapidly, we will try to look not only at features of the current crop of IDS products, but also at features that may not yet be widely available.