Hybrid IDS

["Talisker" <Talisker () networkintrusion co uk>]

Archive: http://msgs.securepoint.com/ids
FAQ: http://www.ticm.com/kb/faq/idsfaq.html
IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems... email questions to ids-owner () uow edu au
NOTE: Remove this section from reply msgs otherwise the msg will bounce.
SPAM: DO NOT send unsolicted mail to this list.
UNSUBSCRIBE: email "unsubscribe ids" to majordomo () uow edu au
-----------------------------------------------------------------------------
Of late there has been a spate of vendors climbing aboard the hybrid IDS
bandwagon.  As I understand it a hybrid IDS combines a host IDS with a non
promiscuous network IDS on a single host, ideally suited to switched or
hi-speed networks.

One vendor who has a console that accepts traffic from host IDS and
enterprise network IDS has promoted their product as a hybrid IDS.  Another
with a personal firewall has promoted their product as a hybrid IDS.

Is there a clear cut definition out there somewhere?

Andy
www.networkintrusion.co.uk Listing all known commercial IDS
                    '''
                 (0 0)
  ----oOO----(_)----------
  | The geek shall        |
  |  Inherit the earth     |
  -----------------oOO----
               |__|__|
                  || ||
              ooO Ooo


The opinions contained within this transmission are entirely my own, and do
not necessarily reflect those of my employer.