Intrusion Detection Systems mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IDS standards (was: IDS taps in a switched network...)

From: blue0ne () igloo org (Jackie Chan)
Date: Mon, 1 Nov 1999 20:12:37 -0500 (EST)





If we start bottling IDS solutions in switches, then a standard should be
made for IDS companies to write to, as a great Routing company may have
crappy IDS code, while a crappy Routing company may have Great IDS code.


An IDS standard is an excellent idea. Like RMON, it would give vendors (IDS
makers and box makers alike) one set of specs to write to, and eliminate the
problem of a weak IDS on a strong router or vice versa.

Big question is which standards body could do a spec in a reasonable amount
of time that covers both security and performance. The IETF would be my
first choice, but that depends on one's definition of "reasonable." ;-)


The next problem would be convincing the Security companies that it
is profitable to do such.  I seem to remember the teeth that had to be
pulled around the industry before they would agree on the first bus
standard.
Previous By Date Next
Previous By Thread Next

Current thread: