PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
January 2004

'Targeted' perimeter defense improves network-based intrusion detection systems

  Click to enlarge. Doubleclick to restore. Network-based intrusion detection systems (NIDSes) are at least as famous for their failures as their successes. Most NIDSes generate a lot of false positives, false alerts, false alarms--whatever you call them, they've driven many frustrated security managers to simply pull the plug on their NIDSes. Gartner Group went so far last year as to proclaim that "intrusion detection is dead." The vendors' response is smarter NIDSes. "Target-based IDS" is a new technology that correlates knowledge about network topology, operating systems and applications with incoming attack information. That appealed to Ed Goff, whose North Carolina-based power utility -- Progress Energy -- was in the market for an IDS solution for its internal networks, to complement its perimeter defense. "Using the strategy of correlating bad activity sensed on the wire to our hosts enabled us to leverage the intelligence of the application instead of working so hard and relying on human elements to see trends," says Goff...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

Columns in this issue