HostedDB - Dedicated UNIX Servers
pilot_3 August 28, 1998 Intrusion Detection Pilot Program Guide iii Table of Contents Introduction & Scope.....................................................................................1 Phase 1 – Requirements Definition..............................................................2 Goal..................................................................................................................................... 2 Suggested Duration............................................................................................................2 Procedure...........................................................................................................................2 Understand your environment......................................................................................2 Analyze your needs......................................................................................................2 List your expectations...................................................................................................2 Establish criteria for measuring success or failure.......................................................2 Resources Needed for this Phase......................................................................................3 Output from this Phase.......................................................................................................3 Phase 2 – Product Evaluation.......................................................................4 Goal.....................................................................................................................................4 Suggested Duration............................................................................................................4 Procedure...........................................................................................................................4 Resources Needed for this Phase......................................................................................4 Output from this Phase.......................................................................................................5 Phase 3 – Successful Deployment...............................................................6 Goal.....................................................................................................................................6 Typical Duration..................................................................................................................6 Procedure...........................................................................................................................6 Planning........................................................................................................................6 Training.........................................................................................................................6 Deployment..................................................................................................................6 Operation...................................................................................................................... 7 Feedback......................................................................................................................7 Resources Needed for this Phase......................................................................................8 Output from this Phase.......................................................................................................8 Appendix A - Customer Requirements........................................................9 Installation and Deployment................................................................................................9 Security...............................................................................................................................9 Incident Detection............................................................................................................. 10 Incident Response............................................................................................................10 Configuration.....................................................................................................................11 Event Monitoring............................................................................................................... 11 Data Management............................................................................................................12 Performance.....................................................................................................................12 Architecture.......................................................................................................................13 Product Updates, Technical Support, and Industry Research..........................................13 Other.................................................................................................................................15 Appendix B - System Requirements..........................................................16