s***@netscape.net
2011-05-04 20:40:42 UTC
As I am sure you could have predicted, my answer is that it depends. There are more security options available in a HIDS solution that you won't find when using the tools that you mention in your post such as being able to do behavioral analysis of the software executing on the server. For example, you can deny certain executables from running in a directory where it isn't expected, block all executables from running in temp directories, home directories, etc. As with any software there is a learning curve so it is best to start out with HIDS running in "learning" mode which you can tune over time.
When looking at defense in depth, go for a mixture of signature-based (IDS, AV) along with heuristic or behavior-based tools. Hope this helps.
-----------------------------------------------------------------
Securing Your Online Data Transfer with SSL.
A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate on your web server, you can securely collect sensitive information online, and increase business by giving your customers confidence that their transactions are safe.
http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a17f194
When looking at defense in depth, go for a mixture of signature-based (IDS, AV) along with heuristic or behavior-based tools. Hope this helps.
-----------------------------------------------------------------
Securing Your Online Data Transfer with SSL.
A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate on your web server, you can securely collect sensitive information online, and increase business by giving your customers confidence that their transactions are safe.
http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a17f194