This International Standard provides guidelines to assist organizations in preparing to deploy intrusion detection and prevention systems (IDPS). In particular, it addresses the selection, deployment, and operations of IDPS. It also provides background information from which these guidelines are derived.
Sisällysluettelo
Foreword
Introduction
1 Scope
2 Terms and definitions
3 Background
4 General
5 Selection
5.1 Introduction
5.2 Information security risk assessment
5.3 Host or Network IDPS
5.4 Considerations
5.5 Tools that complement IDPS
5.6 Scalability
5.7 Technical support
5.8 Training
6 Deployment
6.1 Overview
6.2 Staged deployment
6.3 NIDPS deployment
6.4 HIDPS deployment
6.5 Safeguarding and protecting IDPS information security
7 Operations
7.1 Overview
7.2 IDPS tuning
7.3 IDPS vulnerabilities
7.4 Handling IDPS alerts
7.5 Response options
7.6 Legal Considerations
Annex A Intrusion Detection and Prevention System (IDPS): Framework and issues to be considered (informative)