What is the best possible IDS deployment for an Enterprise Resource Planning (ERP) system?

Deploying an IDS can be a complex process. But are there specific requirements for an IDS in an ERP system? Network security expert Mike Chapple explains.

Do you have any recommendations for the best possible IDS deployment for an Enterprise Resource Planning (ERP) system?

There really aren't any special circumstances that would make an IDS deployment for an ERP any different from any other IDS deployment. I'm assuming that your ERP is in a data center protected by a firewall and that the application and database servers may even be in separate firewall zones.

In that case, I would suggest deploying an IDS with the ability to monitor each of your network segments. Resources permitting, it's a good idea to have the ability to see into each of your zones. This will allow you to monitor traffic that passes between devices within the same zone and never reaches the firewall. Depending upon your data center architecture, it may even be possible to use a SPAN port to provide traffic from more than one zone to the same IDS sensor or network interface card (NIC).

Also consider deploying some intrusion prevention system (IPS) functionality. For more information, read my recent tip entitled "Network intrusion prevention systems: Should enterprises deploy now?".
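
The point about per-zone visibility can be checked against flow data. The following is an added example, not part of the original answer: it lists which flows a given sensor placement would miss, showing that traffic staying inside one zone never reaches a firewall-only sensor. The zone names, subnets, sample flows and the simplified visibility model are constructed assumptions.

```python
from ipaddress import ip_address, ip_network

# Constructed zone layout (assumption): ERP application and database
# servers sit in separate firewall zones, as the answer assumes.
ZONES = {
    "app": ip_network("10.10.1.0/24"),
    "db": ip_network("10.10.2.0/24"),
}

# Constructed sample flows as (source, destination) pairs.
FLOWS = [
    ("203.0.113.7", "10.10.1.10"),  # external -> app, crosses the firewall
    ("10.10.1.10", "10.10.2.20"),   # app -> db, crosses the firewall
    ("10.10.1.10", "10.10.1.11"),   # app -> app, never reaches the firewall
    ("10.10.2.20", "10.10.2.21"),   # db -> db, never reaches the firewall
]


def zone_of(addr):
    """Return the name of the zone containing addr, or 'external'."""
    ip = ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "external"


def visible(flow, sensors):
    """Simplified model: a flow is seen if it crosses zones and a sensor
    sits at the firewall, or if a sensor (for example one fed by a SPAN
    port) monitors a zone the flow touches."""
    src, dst = zone_of(flow[0]), zone_of(flow[1])
    if src != dst and "firewall" in sensors:
        return True
    return src in sensors or dst in sensors


def blind_spots(flows, sensors):
    """Return the flows that no sensor in the placement can observe."""
    return [f for f in flows if not visible(f, sensors)]


if __name__ == "__main__":
    placements = ({"firewall"}, {"firewall", "app"}, {"firewall", "app", "db"})
    for placement in placements:
        missed = blind_spots(FLOWS, placement)
        print(sorted(placement), "misses", missed)
```

Running the same check over real flow records and the actual zone subnets shows how much intra-zone traffic each candidate placement leaves unmonitored.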

