Multi-Layer Intrusion Detection Systems

A business critical system has been breached by attackers. Responding to the event, you grab your gear and head down to where the system is. En route a red faced executive seemingly about to explode brushes past you in a hurry, suddenly turning around upon realization that you are the specialist responding to the very incident which has him on the brink. Already knowing the words about to come out of his mouth, the man begins to spout, "We need this system back up immediately!! We have a major demonstration today and can NOT afford to allow this system to be down! FIX IT NOW!" Politely, you force out a yes sir, and head to the server room where the system is located. As you login, you know time is against you.

Does it take you one hour to get together and analyze the various system logs spread across the system, or do you do this same time consuming task in just a few minutes? That's your choice, and a choice that a multi-layer Intrusion Detection System (mIDS) gives you.

More often than not, single security solutions merely scratch the surface of an entire security event. This surface of information can be equated to the crust of the earth, which only makes up barely one percent of the earth's total mass. Analyzing just this small surface area of event information is not a sustainable approach to protecting networks. One must dig deeper, into the mantle, and even further into the core in order to truly begin to monitor and understand security events within computer systems and networks.

Read Full Story