Security
FEATURE
Dragon Claws its Way to the Top

  August 20, 2001
  By Greg Shipley and Patrick Mueller

The Future of IDS

Lately there's a lot of buzz about pushing gigabit speeds and integrating IDSes (intrusion-detection systems) with custom hardware, but we believe that two of the most important issues have yet to be addressed in a mature manner: data aggregation and correlation, and event management.

As organizations begin to realize the importance of monitoring logs and performing queries on historical data, products that can tie firewall data, IDS data and system logs together will become more valuable. An IDS that picks up an attacker knocking on one firewall is one thing. That same attacker knocking on 20 firewalls around the world is quite another. As IDSes continue to mature, they should be able to use their distributed nature to craft more intelligent alerts and help classify attacks accordingly.
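The cross-sensor correlation described above can be illustrated with an added example, which is not code from the article or from any product it reviews. It rates each source address by how many distinct sensors reported it within one time window; the sensor names, the 10-minute window, the three-sensor threshold and the event tuples are all assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real logs): (timestamp, sensor, source IP, type).
# Source addresses come from the RFC 5737 documentation ranges.
EVENTS = [
    ("2001-08-20T10:00:05", "fw-chicago", "203.0.113.7", "deny"),
    ("2001-08-20T10:01:10", "fw-london", "203.0.113.7", "deny"),
    ("2001-08-20T10:02:30", "ids-tokyo", "203.0.113.7", "portscan"),
    ("2001-08-20T10:03:00", "fw-chicago", "198.51.100.9", "deny"),
    ("2001-08-20T10:03:20", "fw-chicago", "198.51.100.9", "deny"),
    ("2001-08-20T14:30:00", "fw-sydney", "198.51.100.9", "deny"),
]

def correlate(events, window=timedelta(minutes=10), min_sensors=3):
    """Group events by source and rate each source by the largest number of
    distinct sensors that reported it inside one sliding time window."""
    by_source = defaultdict(list)
    for ts, sensor, src, _kind in events:
        by_source[src].append((datetime.fromisoformat(ts), sensor))

    alerts = {}
    for src, seen in by_source.items():
        seen.sort()
        best = set()
        start = 0
        for end in range(len(seen)):
            # Advance the left edge until the span fits inside `window`.
            while seen[end][0] - seen[start][0] > window:
                start += 1
            sensors = {s for _, s in seen[start:end + 1]}
            if len(sensors) > len(best):
                best = sensors
        # Many sensors seeing one source is a different class of event
        # than one sensor seeing it repeatedly.
        severity = "distributed" if len(best) >= min_sensors else "local"
        alerts[src] = {"severity": severity, "sensors": sorted(best),
                       "events": len(seen)}
    return alerts

if __name__ == "__main__":
    for src, alert in sorted(correlate(EVENTS).items()):
        print(src, alert)
```
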

Another feature that is lacking in today's IDSes is the ability to manage events. For example, in our testing we used a simple forum package called phpnuke to keep communication paths open between us and DePaul's network admin team. Modern IDSes aren't designed to tie into operations-centric systems, so security staffers are left to play the cut-and-paste game. Eventually, IDSes will have to go the route that networking devices have gone: interoperability with larger frameworks. We hope the day will come when you can snap in a HIDS agent from one vendor and a NIDS sensor from another vendor and plug them both into a framework manager from a third vendor. For now, however, we're stuck doing much of the management ourselves.

