Printable View
I was just reading an article about the advantages of incorporating a multi-layered IDS, and thus I want to pose the question: What software does my fellow AOers use/recommend for mIDS? My understanding thus far is that an mIDS has the advantage over an IDS of being able to combine various logs into one comprehensive report, shaving away time spent on what could be potentially critical situations.
Well, my understanding is quite different (and I'd also like to know more about IDS/mIDS solution's as well). My understanding is that it work's similiar to firewall's in the sense that you shouldn't have more than one (two, three, etc). Yes, you'll have more log file's to browse event's and whatnot, but it wouldn't coincide well with each other. Like I said, it's my understanding and it might not be totally correct. I myself would like to know more about the topic.Quote:
My understanding thus far is that an mIDS has the advantage over an IDS of being able to combine various logs into one comprehensive report, shaving away time spent on what could be potentially critical situations.
Check out this link.
Check this out... it may not be mIDS, but close...
Secure Associates's MindStorm
rgds
de