Submitted by: nicecti1
Category: Science and Technology
Date Submitted: 09/20/2013 06:25 PM
Before Formulating an IDS Policy
Jonathan Santos
NETW202
April 11, 2010
Mark Kirton
Gem Infosys, a small software company, has decided to secure its computer systems. The organization uses ten PCs and a broadband connection to the Internet. The management at Gem has determined that it needs to formulate an IDS policy. Before they get started, however, I will explain what steps they must take before formulating the IDS policy.
First, let's understand exactly what IDSs do. Intrusion Detection Systems are used in the PC world as an analytical tool, meaning that they do not protect against or prevent attacks. Instead, they monitor activity on the network and examine it to determine whether the network or system is potentially being attacked. Depending on the type of IDS, it will only come to this conclusion after the network or system has already been compromised. That being said, once it determines that the traffic it examined can be harmful, it logs it (and, again depending on the IDS, it may also send an alert to personnel).
Now that you know what IDSs do, we can determine what needs to be done before formulating the IDS policy. The first step should be to determine what kind of network traffic Gem Infosys wants to be alerted about. The types of network traffic need to be specific to prevent false positives and false negatives. Types of network traffic include instant messages, videos, e-mails, etc. A false positive occurs when the IDS alerts security personnel to activity that is considered normal for the company. A false negative occurs when the IDS does not alert on suspicious activity. It's simple to see why this step is an important one, and it should be done carefully by people involved in the company's day-to-day operations.
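To make the false positive and false negative trade-off concrete, the following added example (not part of the original essay) scores three hypothetical alerting policies against constructed traffic records for a ten-PC network. The field names, size thresholds and "suspicious" labels are assumptions made for illustration.

```python
# Constructed sample: one observed flow per PC on a ten-PC office network.
# "suspicious" is the label a reviewer assigned afterwards (ground truth here).
FIELDS = ("pc", "type", "external", "kb", "suspicious")
ROWS = [
    ("pc01", "email",           True,  40,     False),
    ("pc02", "instant_message", True,  2,      False),
    ("pc03", "video",           True,  90000,  False),
    ("pc04", "file_transfer",   False, 120000, False),
    ("pc05", "file_transfer",   True,  250000, True),
    ("pc06", "email",           True,  35000,  True),
    ("pc07", "video",           True,  60000,  False),
    ("pc08", "email",           False, 15,     False),
    ("pc09", "instant_message", True,  1,      False),
    ("pc10", "file_transfer",   True,  300,    False),
]
TRAFFIC = [dict(zip(FIELDS, row)) for row in ROWS]

# Hypothetical candidate policies: traffic type -> condition that raises an alert.
BROAD = {t: (lambda r: True) for t in ("email", "file_transfer", "video")}
NARROW = {"file_transfer": lambda r: r["external"] and r["kb"] > 100000}
TUNED = {
    "file_transfer": lambda r: r["external"] and r["kb"] > 100000,
    "email": lambda r: r["external"] and r["kb"] > 20000,
}

def evaluate(policy, traffic=TRAFFIC):
    """Count alert outcomes for one candidate policy against labelled traffic."""
    counts = {"true_positive": 0, "false_positive": 0,
              "false_negative": 0, "true_negative": 0}
    for record in traffic:
        rule = policy.get(record["type"])      # no rule for this type -> no alert
        alerted = bool(rule and rule(record))
        if alerted:
            key = "true_positive" if record["suspicious"] else "false_positive"
        else:
            key = "false_negative" if record["suspicious"] else "true_negative"
        counts[key] += 1
    return counts

if __name__ == "__main__":
    # Broad rules bury staff in false positives; overly narrow rules miss activity.
    for name, policy in (("broad", BROAD), ("narrow", NARROW), ("tuned", TUNED)):
        print(name, evaluate(policy))
```

The broad policy alerts on normal e-mail and video, the narrow one misses the suspicious e-mail, and the tuned one shows why the traffic types and conditions should be chosen by people who know what is normal for the company.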
After Gem Infosys determines the type of network traffic they want to be notified of, they need to decide on what type of IDS they want to...