Intrusion Detection: Intrusion Detection By Group 10
Outline: Outline Introduction Types of Intrusion Detection System Who? Operating System Cost structure
What is the Intrusion Detection: What is the Intrusion Detection Intrusions are the activities that violate the security policy of system. Intrusion Detection is the process used to identify intrusions.
Types of Intrusion Detection System : Types of Intrusion Detection System Based on the sources of the audit information used by each IDS, the IDSs may be classified into Host-base IDSs Distributed IDSs Network-based IDSs
Types of Intrusion Detection System : Types of Intrusion Detection System Host-based IDSs Get audit data from host audit trails. Detect attacks against a single host Distributed IDSs Gather audit data from multiple host and possibly the network that connects the hosts Detect attacks involving multiple hosts Network-Based IDSs Use network traffic as the audit data source, relieving the burden on the hosts that usually provide normal computing services Detect attacks from network.
Who? : Who? Trustwave Symantec
What operating System?: What operating System? Windows Linux Mac
Cost: Cost Expense Value ($) Network IDS $10,000 Host IDS $1,000 Management Station - NIDS & HIDS $5,000 (may not apply for all products) Maintenance 15 % of the cost of NIDS and/or HIDS MSSP Network IDS management per year $24,000 ($2K per month) MSSP Host IDS management per year $6,000 ($500 per agent per month) Engineer Cost $75,000 ($60,000 salary plus $15K benefits & admin) Group Manager Cost $100,000 ($80,000 salary plus $20K benefits & admin)
Implementation & Management of one Network IDS and two Host IDS : Implementation & Management of one Network IDS and two Host IDS Single Support 24x7x365 Multi-Shift Support MSSP Support Technology Cost $24,650 $24,650 $24,650 Management Cost $225,000 $1,425,000 $108,000 Total Cost $249,650 $1,449,650 $132,650 Average Cost Per Year $83,217 $483,217 $44,217 Average Cost Per Device Per Year $27,739 $161,072 $14,739
Implementation & Management of 15 Network IDS and 15 Host IDS : Implementation & Management of 15 Network IDS and 15 Host IDS Single Support 24x7x365 Multi-shift Support MSSP Support Technology Cost N/A $268,250 $268,250 Management Cost N/A $1,425,000 $1,350,000 Total Cost N/A $1,693,000 $1,618,250 Average Cost per Year N/A $564,417 $539,417 Average Cost Per Device Per Year N/A $18,814 $17,981
Thank you!: Thank you!