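ISO/IEC 18043:2006 Information technology — Security techniques — Selection, deployment and operations of intrusion detection systems
Standard number: ISO/IEC 18043:2006
Chinese title: 信息技术-安全技术-入侵监测系统的选择,调配和操作
English title: Information technology — Security techniques — Selection, deployment and operations of intrusion detection systems
Publication date: 2006-06
Scope of the standard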
ISO/IEC 18043:2006 provides guidance for an organization that decides to include an intrusion detection capability within its IT infrastructure. It is a "how to" for managers and users who want to: understand the benefits and limitations of IDS; develop a strategy and implementation plan for IDS; effectively manage the outputs of an IDS; integrate intrusion detection into the organization's security practices; and understand the legal and privacy issues involved in the deployment of IDS.
ISO/IEC 18043:2006 provides information that will facilitate collaboration among organizations using IDS. The common framework it provides will help make it easier for organizations to exchange information about intrusions that cut across organizational boundaries.
ISO/IEC 18043:2006 provides a brief overview of the intrusion detection process; discusses what an IDS can and cannot do; provides a checklist that helps identify the best IDS features for a specific IT environment; describes various deployment strategies; provides guidance on managing alerts from IDSs; and discusses management and legal considerations.


