Some time back, when I was testing the Cisco IDS system at a Cisco Offshore Development center, I often felt that we are in an era of ‘converged solutions’, but often the elements are not converged at all.

A distributed Intrusion Detection/Prevention System should be able to manage itself to a larger extent on the operational side and should leverage the functionality of assessments to the Network Security Auditor.

The article is a mix of ideas I brooded over and published at SecurityDocs.

[Click to redirect to the article]