[Agenda] [Background] [History] [Classical] [Modern] [Purpose] [IDS] [Hardware] [Software] [Managment] [Market] [Policy] [Qualities] [Concl]
[first slide] Network based intrusion detection [previous slide] [next slide]

* Intrusion detection doesn't succeed very much as a really useful & efficient tool at customer sites

* IDS running on a host
o The use of sniffers is made difficult by switched networks
o Common case

* IDS using branch circuits
o Copy from one strand to another
o Practical difficulties
o Not yet common

* IDS embedded in network devices
o Use of sniffers possible in network devices
o Example: Netflow switching with Cisco IOS, embedded NetRanger-light

* Intrusion detection should become part of traffic screening in network devices

*********************************************************************
HSC ® © Hervé Schauer Consultants 1999 - 142, rue de Rivoli - F-75001 Paris - France
Phone: +33 141 409 700 - Fax: +33 141 409 709 - Email: <secretariat@hsc.fr>
- Page 14 -