Feb 26,2010 00:00
Extensive planning and preparation are required before deploying sensors on your internetwork. Until some auditing and planning are done, you can’t even be sure which sensors are needed. Before you can begin installing your sensors, you must first understand where and how your sensors should be installed. Consider the following factors when you plan the deployment strategy for your network sensors:
While each network has its own characteristics and caveats, some common strategies have worked for other Security Engineers across many different and unique network infrastructures. The strategy you choose depends on what you want your intrusion detection system to accomplish. Some IDS systems allow sensors to manage perimeter devices such as routers and firewalls, while other IDS systems are engineered to be passive and only monitor the traffic and actions taking place on the network. Your security policy should dictate the strategy you’ll use in engineering your IDS environment and deciding on a sensor deployment strategy.