Our intrusion-detection system consists mostly of PCs that act as network sensors by running Snort open-source software. The IDS worked very well in giving us an early warning of an impending SQL Slammer attack a few weeks ago. But communication between my group and the operations group broke down, turning what should have been a minor issue into a major problem. Now management is talking about merging remediation responsibilities into my small group—something we're not prepared to handle. We have more than 25 IDS sensors across our network worldwide, and we can see about 90% of the company's internal network traffic. The remaining 10% comes from our engineering labs and remote sales offices, which we plan to monitor as soon as we can get the resources.