Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Policies for having identified an attack via IPS....

Status
Not open for further replies.

thegalaxyboy

IS-IT--Management
Nov 21, 2007
5
GB
Hello,

What sort of policies would systems security staff recommend in an environment where a IPS device is deployed. For example, say an attack has been detected - what policy and procedure would you recommend to have in place for this?

Thanks.
 
Well, attacks from the internet I would ignore, they're to be expected.

There should be a swift policy in place for internal attacks that would report the incident, locate the attacker in the network, remove them, then report the conclusion.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top