[Dshield] Question for all

Witt, Allen DAVID.A.WITT at saic.com
Fri Feb 6 20:43:35 GMT 2004

My preference would be to have an network based IDS located inside the
firewall (details hostile activity that gets through the firewall), and an
IDS for each subnet used for public or business partner access (aka DMZ's).
You should also consider implementing host based IDS systems on those hosts
that are high value/mission critical, as well as those that communicate with
encrypted protocols.

my .02

Allen Witt, Network Security Administrator

-----Original Message-----
From: list-bounces at dshield.org [mailto:list-bounces at dshield.org]On
Behalf Of Rick Sroka
Sent: Tuesday, February 03, 2004 2:12 PM
To: list at dshield.org
Subject: [Dshield] Question for all

Would you have a ids on the outside of the firewall or inside after the

list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:

More information about the list mailing list