HostedDB - Dedicated UNIX Servers

pilot_4 August 28, 1998 Intrusion Detection Pilot Program Guide 1 Intrusion Detection Pilot Program Guide Introduction & Scope Because of their advanced functionality and feature sets, network-based intrusion detection products are often difficult for customers to evaluate. A framework for comparing products with a robust and consistent set of criteria is, therefore, useful to potential customers of intrusion detection systems. This document describes a process by which you can evaluate network-based intrusion detection products. It will help you ask the right questions when evaluating, help you understand how best to explore the product candidates, and help you make a buying decision. A typical evaluation process consists of three phases: Phase 1:  Requirements Definition. Deciding what’s important to you. Phase 2: Product Evaluation. Selecting the right product to meet your needs. Phase 3: Successful Deployment. Deploying the solution in your organization effectively. At each stage of the evaluation process, we recommend being assisted by the vendor of the intrusion detection product to ensure that you get an accurate assessment of the product’s capabilities. Through the structured approach provided by this document, you will be able to identify your needs, objectively evaluate LAN-based intrusion detection products, select the right product, and implement it successfully in your organization.