Intrusion Detections System - Essay Example

Microsoft, Cisco, and Tripwire, etc. are some of the companies that deal in these IDS systems. (Spafford, Zamboni, 2000) 2. Network-Based IDS: These are systems that confine and analyze packets on the wire. Network-based IDS are used to protect the entire systems on the network, unlike Host base IDS which are built for a single system. After confining the packets on the network they send them to the IDS console for inspection. Major vendors include Cisco and Symantec. Setbacks with IDS solutions Gem Infosys is a small software company having just 10 PCs and a broadband connection should not face any difficulties with the IDS system.

But sometimes IDS solutions can bring out bogus alarms that may result in incorrect distribution of information. Inadequate potential and bad configuration choices are the major factors for this kind of problem. On the other hand, many products need to be kept updated and well managed to avoid problems such as well updated sensors. Developing an IDS PolicyIn the pre-deployment stage when Gem Infosys is installing an IDS a policy needs to be designed in order to make sure that responsibilities and processes are well defined.

Procedures will be maintained for recognizing the security threats. Incidents will be classified as "non-serious" or "serious". If there is a problem of failing hardware, target network administration should be fully responsive that if network taps are used, even fail-safe taps can take up to a second to re-negotiate with the interfaces and could upset the services. (Liepins, Vaccaro, 1992)Non-serious incidents policy when devising the policies Gem Infosys should know that Non-Serious incidents include those activities in which the attack or threat is not purposely directed at the organization's network.

It should also be analyzed that no sensitive data or information is revealed or used in an illegal manner or without any authorization. Serious Incidents PolicyThose activities in which the attack or threat is purposely directed at the organization's network. Sensitive data or information is revealed or used in an illegal manner or without any authorization. All the networking and IT staff of Gem Infosys will report any possible security event that they come to know to the assigned security officer.

Any activity or breach of security policy is a security incident. The organization will maintain a set of rules and procedures when dealing with these kinds of security incidences. All the incidents that are mentioned as serious by the security officers will be at once conveyed and reported to all the top-level management and the concerned authorities. The organization will try to alleviate any damaging effects, when possible if a security incident affects customer information.ConclusionConfidence gaining of the network's staff is essential to a successful setting up of an IDS system.

The network and system administrator's views and concerns should always be given importance as they are managing the whole network of Gem Infosys and have a better view of the whole scenario. Gem Infosys should try to win the hearts and minds of all the network staff and in return, the company will get a good threat-free network.