Firewall Wizards mailing list archives
Re: IDS collection in the DMZ, or in the dirty segment?
From: "John Kozubik" <john_kozubik_dc () hotmail com>
Date: Thu, 28 Jan 1999 11:35:07 PST
I have yet to read someone post the idea that you CAN install more than one IDS in your network. I have yet to see any hard case for not putting and IDS in the DMZ, Service Network, Extranet or Internal network. The biggest drawback to this is capital.
Very well said. In the same way that multile firewall configurations can be used, in parallel or serially, multiple IDS can also be used - especially when using chinese walls between business units in the same business firm. I didn't really bring it up because of the questions being fielded concerning the legitimacy of using even one IDS ... this is a very valid solution in many cases - all theoretical for me, though, as I have never set up more than one IDS on a network (would be an interesting project, though) kozubik - John Kozubik - john_kozubik () hotmail com PGP DSS: 0EB8 4D07 D4D5 0C28 63FE AD87 520F 57BE 850B E4C4 ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com
Current thread:
- IDS collection in the DMZ, or in the dirty segment? John Kozubik (Jan 26)
- <Possible follow-ups>
- Re: IDS collection in the DMZ, or in the dirty segment? Matt McClung, CCSA/CCSE (Jan 27)
- Re: IDS collection in the DMZ, or in the dirty segment? Drexx D. Laggui (Jan 28)
- Re: IDS collection in the DMZ, or in the dirty segment? John Kozubik (Jan 28)
- Re: IDS collection in the DMZ, or in the dirty segment? stranded lemming (Jan 29)