Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Policies for having identified an attack via IPS....

Status
Not open for further replies.
thegalaxyboy

thegalaxyboy

IS-IT--Management
Nov 21, 2007
5
GB
Hello,

What sort of policies would systems security staff recommend in an environment where a IPS device is deployed. For example, say an attack has been detected - what policy and procedure would you recommend to have in place for this?

Thanks.
 
Sort by date Sort by votes
Well, attacks from the internet I would ignore, they're to be expected.

There should be a swift policy in place for internal attacks that would report the incident, locate the attacker in the network, remove them, then report the conclusion.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

T
  • Locked
  • Solved
Not able to log into my previous account, and there's no "Forget Password"
Replies
15
Views
1K
Chris Miller
Chris Miller
H
  • Question
Call Pilot 100 - # of times the phone rings before answering machine picks up
Replies
0
Views
579
Huron Oaks
H
sara1995
  • Locked
  • Question
IDS vs Firewall vs WAF for protect website against dos attacks
Replies
1
Views
343
mattKnight
mattKnight
SamBones
  • Locked
  • Question
What Goes Into an SSH Public Key?
Replies
2
Views
249
burtsbees
burtsbees
DrB0b
  • Locked
  • Question
Help Please, Trying to Convince Company Mixing Personal and Corporate Email is Bad Practice
Replies
9
Views
562
DrB0b
DrB0b

Part and Inventory Search

Sponsor

Back
Top