Quote:
My understanding thus far is that an mIDS has the advantage over an IDS of being able to combine various logs into one comprehensive report, shaving away time spent on what could be potentially critical situations.
Well, my understanding is quite different (and I'd also like to know more about IDS/mIDS solutions as well). My understanding is that it works similarly to firewalls in the sense that you shouldn't have more than one (two, three, etc.). Yes, you'll have more log files to browse events and whatnot, but they wouldn't coincide well with each other. Like I said, it's my understanding and it might not be totally correct. I myself would like to know more about the topic.