Guide to Intrusion Detection and Prevention Systems (IDPS)

Published: February 20, 2007

Author(s)

Karen A. Scarfone, Peter M. Mell

Abstract

The National Institute of Standards and Technology (NIST) developed this document in furtherance of its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347. This publication seeks to assist organizations in understanding intrusion detection system (IDS) and intrusion prevention system (IPS) technologies and in designing, implementing, configuring, securing, monitoring, and maintaining intrusion detection and prevention systems (IDPS). It provides practical, real-world guidance for each of four classes of IDPS: network-based, wireless, network behavior analysis software, and host-based. The publication also provides an overview of complementary technologies that can detect intrusions, such as security information and event management software. It focuses on enterprise IDPS, but most of the information in the publication is also applicable to standalone and small-scale IDPS deployments.
Citation: Special Publication (NIST SP) - 800-94
Report Number:
800-94
Pub Type: NIST Pubs

Supersedes

Download Paper

Keywords

FISMA, intrusion detection, intrusion detection and prevention, intrusion prevention
Created February 20, 2007, Updated February 19, 2017