IT Governance, Risk, and Compliance

Dec 8 2012   1:34AM GMT

Network Infrastructure Security: Intrusion Detection Systems – Part VI

Robert Davis Robert Davis Profile: Robert Davis

Network-based intrusion detection captures traffic and performs analyses to identify notable events. If placed at the front-end IT perimeter, the properly configured network-based IDS will detect all externally initiated attack attempts, even where the firewall subsequently permits malicious packets to ingress. As an alternative configuration option, an IDS can be placed between a firewall and the internal network, where it will only evaluate firewall passed traffic.

Effective information assets protection (IAP) technologies are valuable defense mechanisms for combating inappropriate and malicious behavior. Therefore, information security personnel should identify and evaluate deployed configuration management tools that ensure an entity’s network infrastructure maintains data integrity and availability.


Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Raleigh:, 2010.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: