What Are The Advantages And Disadvantages Of Intrusion Detection System Using It In Corporate Environment?

1 Answers

Anonymous Profile
Anonymous answered
Advantages:
  • the sensors can be secured well as they "only" observe traffic
  • you can detect scans better - on the basis of signatures... You can "filter" traffic (actually, we will show later that this is not always the case)


Disadvantages:
  • the probability of so called false negatives (attacks are not detected as attacks) is high as it is difficult to control the whole network
  • mostly, they have to operate on encrypted packets where analysis of packets is complicated
  • as a difference to host-based IDS they do not see the impacts of an attack

Answer Question

Anonymous