31
•
For
more
comprehensive and
accurate performance of
network attacks detection
and prevention, especially to
lessen
false positive and
false
negative,
it
is
highly
recommended
to
have
multiple
types
of
IDPS,
which
include
network-based,
host-based,
wireless,
and
network
behavior
analysis
(NBA).
Each
of
types
has
diverse
function
in
information gathering, logging,
detecting,
analyzing, and
preventing based on its purpose.
•
Integration of
multiple IPDS
from
the same vendor should be also considered
for
the reason that the IDPS deployment will be
much effective to manage and easier
to
integrate.
All
single-vendor products
are
managed and
controlled
by
a
single
console
or
user
interface
an
each
product
has
mutual
shared
data
connection to
have better analysis process. This is called direct IDPS integration.
•
Organizations need to
meet
with the
right system requirements while deciding to
implement IDPS
system.
This
is
necessary
with
the
intention
of
system
compatibility basis to encompass the effectiveness and competence of
IDPS roles
and performances.
•
Organizations
also
are
recommended
to
have
several
different
source
of
information
regarding
to
the
IDPS’s
capabilities
and
characteristics. Common
products
data
sources
include
test-lab
or
real-world testing,
vendor-provided
information, third-party
product
reviews,
and
previous
IDPS
experience
from
individuals within the organization and trusted individuals at other organizations.
 |