Publication | Closed Access

SP 800-94. Guide to Intrusion Detection and Prevention Systems (IDPS)

Citations: 72

References: 0

Year: 2007

TLDR

NIST created this guide to fulfill its statutory duties under FISMA. The guide helps organizations understand, design, implement, configure, secure, monitor, and maintain IDS and IPS systems. It offers practical guidance for network‑based, wireless, network‑behavior‑analysis, and host‑based IDPS, an overview of complementary technologies such as SIEM, and applies to both enterprise and smaller deployments.

Abstract

The National Institute of Standards and Technology (NIST) developed this document in furtherance of its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347. This publication seeks to assist organizations in understanding intrusion detection system (IDS) and intrusion prevention system (IPS) technologies and in designing, implementing, configuring, securing, monitoring, and maintaining intrusion detection and prevention systems (IDPS). It provides practical, real-world guidance for each of four classes of IDPS: network-based, wireless, network behavior analysis software, and host-based. The publication also provides an overview of complementary technologies that can detect intrusions, such as security information and event management software. It focuses on enterprise IDPS, but most of the information in the publication is also applicable to standalone and small-scale IDPS deployments.