[Dshield] Question for all

Witt, Allen DAVID.A.WITT at saic.com
Fri Feb 6 20:43:35 GMT 2004


My preference would be to have an network based IDS located inside the
firewall (details hostile activity that gets through the firewall), and an
IDS for each subnet used for public or business partner access (aka DMZ's).
You should also consider implementing host based IDS systems on those hosts
that are high value/mission critical, as well as those that communicate with
encrypted protocols.

my .02

Allen Witt, Network Security Administrator
SAIC
865-425-5199


-----Original Message-----
From: list-bounces at dshield.org [mailto:list-bounces at dshield.org]On
Behalf Of Rick Sroka
Sent: Tuesday, February 03, 2004 2:12 PM
To: list at dshield.org
Subject: [Dshield] Question for all


Would you have a ids on the outside of the firewall or inside after the
firewall 

_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list




More information about the list mailing list