What would we like to have in an ideal IDS/IPS system? I am not restricting the list to existing approaches such as signature based, anomaly based, statistical or specification based IDS. Just trying to get the wish list sort of. Any feedback is much appreciated.
Low false negatives - maximize detection and prevention of intrusions, detect zero-day attacks, detect variations
Low false positives - don't waste analyst time
Ease of use - installation and configuration
Low resource usage - minimize resource usage, degrade gracefully when resource usage exceeds limits
High Performance - good scalability with increasing network speeds
Stability, Robustness - no crashes, and resistance to attacks against IDS
Minimal ongoing maintenance - run with minimal human supervision

Thanks
