Date Published: February 2007
Author(s)
Shirley Radack (NIST)
This bulletin summarizes the recommendations developed by NIST for organizations on the effective use of intrusion detection and prevention systems (IDPS). These software systems help organizations to monitor and analyze events occurring in their information systems and networks, and to identify and stop potentially harmful incidents. The bulletin discusses the functions of intrusion detection and prevention systems, and describes four types of systems. It summarizes the components and architecture, security capabilities, and management issues related to each type of system. NIST recommendations to organizations in implementing intrusion detection and prevention systems are included.
Keywords
information security; information systems; intrusion detection systems; intrusion prevention systems; malicious activities; networks; prevention of attacks
Control Families
Audit and Accountability; Incident Response