Planning an Intrusion Prevention Strategy

Now that you are aware of some of the latent issues in an intrusion prevention application, you realize that planning the intrusion prevention deployment is an entirely different process than it is for an IDS. The same strategy used to configure Snort would lead to huge problems, as the number of false positives would deny service to many people and applications.

The process of deploying intrusion prevention is lengthier and requires greater attention to detail than installing an IDS. With Snort, a misconfigured option or rule can affect only the performance of the IDS itself. With an intrusion prevention application, a misconfiguration can literally take down your network.

The first step in planning ...

Get Intrusion Detection with Snort now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.