I wouldn't want to put it in both places. If I did I'd have to deal with false positives twice. With all the other responsibilities I have it would take up too much of my time. I do trust my firewall so I think I'll keep it inside.
""Brad Nixon"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > The easy answer to your question is "It depends". Do you trust your > firewall? Do you trust your internal users? The best solution would be to > have an IDS on each side of your firewall. That way you could detect both > external and internal threats. > > -- > Brad A. Nixon > CCNP, CCDA, MCP, CCSA > "Nothing is fool proof to a sufficiently talented fool." Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=48596&t=48420 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
