|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Chris M (dontspammeplz48
gmail.com)
Date: Thu Sep 13 2007 - 14:49:36 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I was wondering if anyone knows of any
documents/papers/book/suggestions on the proper way to implement an
IPS in a large environment. We had a vendor install the IPS units,
and they were supposed to tune the signatures and apply filters,
however there is still a lot of work to be done. I have been tasked
with putting a plan together to get these units to begin automatic
blocking instead of currently only watching traffic, but unfortunately
I only have experience using Snort in a small environment without a
lot of abnormal traffic. All the books I've been able to find online
are either out of date or inadequate. Any help would be greatly
appreciated!
Thanks,
Chris Moore
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]