30
2.1.6.3 National Institute of Standards and Technology (NIST)
National
Institute of
Standards and
Technology is
also
measured as
a
prominent
standardization
and
measurement
institute
and
it
has
published
variety
of
information
technology and network security guidelines and documentations for
many organizations.
Amongst
diverse
publications
that
they
have
issued,
special
publications
of
800
series
are
widely
recognized in
usage
of
computer
security
guidelines
by
many
security
communities. Known
as
SP800-94
[10],
this
special
publication completely
and
clearly
describes the guide of using intrusion detection and prevention system (IDPS).
There
are
a
number
of
points
of
recommendation
that
are
emphasized
in
this
publication
while
implementing IDPS
in
organizations. As
stated
in
the
publication
document, the following recommendations are:
•
Securing IDPS
in
its operations
is critical
for
most of
large corporations.
Attackers are sometimes eager
to exploit
the
weakness
points and
vulnerabilities
of
IDPS
and
disable
it
from
functioning in
detecting
and
stopping
attacks.
Sometimes they
actually
want
to
have
access
in
getting
sensitive information,
such
configuration of
the
IDPS.
Day-to-day
full
update
and
upgrade
of
the
components’ systems
and
applications
are
essentially
required
and
the
software
components
must
always be
hardened.
Access restriction
to
the
components and
effective
implementation of
separate
networks
and
accounts
for
IDPS
management
are
highly
compulsory.
System
administrators are
also
imposed
in
performing
vulnerability evaluations,
component
update
assessments,
and
configuration backups.
 |