Why IDS is Ineffective for Linux Production Environments
In the alphabet soup that is a traditional cybersecurity architecture, intrusion detection systems (IDS) hold a prominent spot on the mantle. IDS are broadly recognized as an important component of a cybersecurity strategy: one of many tools that make it more difficult for an adversary to inflict harm on an organization. The threats companies face become even more pressing in the context of production environments. Production systems – those housing customer data, IP and other critical information – must be protected holistically. Production infrastructure is the heart of a business, so attacks that impact it have the potential to cripple organizations and can also bring fines, such as those Google has seen of late related to GDPR. Few would dispute the need to detect intrusions into the production infrastructure. IDS and other “good hygiene” technologies – such as firewalls, antivirus and strong authentication – play a central role in helping companies fend off threats. An IDS, in particular, helps monitor a production environment for unusual or malicious activity, either at the host level (host IDS, or HIDS) or at the network level (network IDS, or NIDS).