How to manage intrusion data

Related Links

Spotting mischief

Agencies that want to implement an intrusion-detection solution must come up with a way to integrate all the monitoring data that is collected.

Getting a clear picture of an attacker or someone accessing resources without authorization requires an integrated approach. There are basically three ways to do this.

* First, you might consider a hybrid solution such as Internet Security Systems Inc.'s RealSecure because it collects both network- and host-related data and you won't have to integrate both datasets to see the full picture.

* Second, you might have your administrator configure both your network- and host-based tools to tap the same data source. Alternatively, you could run a routine or script at certain intervals that harvests various security collection data sources and outputs the information to a single database.

* Third, you might use a system management tool, such as Hewlett-Packard Co.'s OpenView to manage the datasets. This, too, might require some additional configuration and would require the added cost of a system management solution if you don't already have one in place.

Featured

  • FCW PERSPECTIVES
    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

  • FCW Illustration.  Original Images: Shutterstock, Airbnb

    Should federal contracting be more like Airbnb?

    Steve Kelman believes a lighter touch and a bit more trust could transform today's compliance culture.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.