[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW1] intrusion detection - benifits?
Hi Tom,
Placing IDS inside of you LAN is a good idea, but ignoring the outside is a
particularly BAD idea.
It is akin to letting anyone sit out in your frontyard and look for moments
of opportunity without any protection. That's why people have security
guards and cameras watching the OUTSIDE of their buildings.
Of course you always need to balance your need vs. your budget vs. your
return on investment.
It is really worth it for YOUR company ?
Jon
Date: Tue, 28 Nov 2000 11:21:13 -0500
From: "Scott Murray" <[email protected]>
Subject: Re: [FW1] intrusion detection - benefits?
Tom,
I personally don't see the real need to have IDS running outside the
Firewall, I would have it running INSIDE the Firewall for the overly
paranoid folks. It gives you a little more peace of mind.
Scott
>From: "Pellowski, Tom" <[email protected]>
>To: "fw-1-mailinglist@lists. us. checkpoint. com (E-mail)"
><[email protected]>
>Subject: [FW1] intrusion detection - benifits?
>Date: Tue, 28 Nov 2000 08:45:05 -0500
>
>
>Greetings:
>
>I have this question that I would like the community to give me their .02
>worth.
>
>In an arena running Checkpoint (whatever flavor) is it really worth the
>time, expense, and possible network performance compromises to put a
>separate intrusion detection appliance online in front of the firewall?
>
>I understand that there are tons of "well, you could.." but what I am
>really
>after is "your" opinion. Would you, as the FW admin/engineer, do it.
>
>Obviously I am looking for some backup here as I am having a intrusion
>detection package rammed down my throat, and frankly, I don't want it. But
>my only defense at this point is that "is something more to manage".
>
>Thanks to all in advance!!!
>
>Tom
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
