Share what you know with millions of people
Focus is the best place to turn what you know into remarkable content
0
What questions should I ask when looking for an intrusion detection system?
I'm searching for an intrusion detection system and am trying to determine which features are most important. What are the key issues I should be thinking about before I choose?
Events
- Dos and Don'ts of Small Business Marketing May 29 @ 11 am PT
- Lead Nurturing 202: The Next Generation May 31 @ 11 am PT
- The Tricks to Paid Media June 6 @ 11 am PT
- Display Advertising for Brand Awareness June 20 @ 11 am PT
Related Activity
1 Answer
Hmm...based on more conversations I've had on this subject with analysts, consultants, users and vendors than I can remember, here are some starting questions I'd recommend.
1. Is it pervasive and ubiquitous? Does it cover every potential intrusion point and method with equal effectiveness and efficiency?
2. Is it invisible? Can users do their jobs with minimal to no changes imposed or required by the intrusion detection system?
3. Is it driven by business-defined rules and roles and not vendor-defined constraints?
4. Is it proactive and predictive? Can it "learn" from past intrusions and help to warn of potential threats or vulnerabilities?
5. Is it smart? Does it "know" enough to report the right information to the right people in the most actionable form, despite supporting a diversity of users and roles?
6. Does it "play well with others?" Does it interoperate with all current IT infrastructure and IT security elements in ways that maximize overall protection while minimizing difficulty of deployment or use?
I'd recommend starting with these and similar questions, and using the answers to develop an initial "short list" of candidates. Good luck!
Answer This Question