Low cost HID based IDS system

["Zach Forsyth" <Zach.Forsyth () kiandra com>]

Hi,

I just wanted to ask if anyone out there had some ideas in regards to
deploying a low cost HID based IDS system. 
The problem I have is that a few of our clients are quiet small and
whilst I would love to deploy a NID out to all of them they just can't
justify that sort of cost. 
I need to set up a managed type of IDS service that is centrally
controlled by us and has a low cost per month to all of our clients.

My plan would be to use HID type server sensors where needed and have
them all feeding information back to a console that is centrally
managed. 
The per server cost is then low enough to keep clients interested and
the centralized console cost is split over multiple clients on a monthly
basis. 
I can see that they would all be happy paying those sorts of costs.

Although, I don't want to deploy this if it is not likely work in a full
production environment, and provide accurate timely results to the
central console.

Has anyone else set up something similar to this?
Can anyone see any problems or and alternative solution?

I realise that there is a huge amount of variables that dictate the the
configuration and requirements for a system such as this, but I am
looking for some general ideas and discussion from people that have a
lot more knowledge than me with this type of deployment.

Any help would be appreciated.

Thanks in advance

Zach

-------------------------------------------------------------------------------
INTRUSION PREVENTION: READY FOR PRIME TIME?

IntruShield now offers unprecedented Intrusion IntelligenceTM capabilities
- including intrusion identification, relevancy, direction, impact and analysis
- enabling a path to prevention.

Download the latest white paper "Intrusion Prevention: Myths, Challenges, and Requirements" at:
http://www.securityfocus.com/IntruVert-focus-ids2
-------------------------------------------------------------------------------