218 Security De-engineering
Hidden Costs
In order for NIDS to work eectively, promiscuous mode “nodes” are
needed around the network.
While working with IT and network operations client-side sta,
I realized at an early stage of my career that there can be consider-
able costs with any security safeguard, apart from the basic materials
cost of hardware and software. As I previously mentioned at various
points in this book, what may seem like a minor network change to a
security sta member actually can turn out to present costs in many
forms. For example, if a NIDS is to be at all useful, we would want to
log NIDS events. So then how much disk space is required, for how
long are the logs retained, and how much complexity is involved with