Select and Implement an Intrusion Detection and Prevention System

Your Challenge

  • Threats evolve every day and are unforeseeable and diverse. Protecting information has become less about technology and more about contributing to the sustainability of your organization as a whole.
  • Advanced Persistent Threats (APTs) and Zero-Day attacks are taking organizations by surprise, and Intrusion Prevention Systems (IPS) have had to adapt to the playing field by adding features to address these threats.
  • The marketspace of Intrusion Detection and Prevention System (IDPS) solutions has many options, but identifying the right product with the right features for your organization can be complicated. As the market evolves, capabilities that were once cutting edge become default and new functionality becomes differentiating.

Our Advice

Critical Insight

  • Differentiation comes with costs. Most IDPS solutions offer similar features, so the real decision comes down to cost – which varies depending on where you’re putting sensors. It can be a significant investment.
  • Integration for ease of management. As in the overall security space, integrating IDPS with SIEM, NAC, and firewalls means more consolidation, more visibility into network activity, and more security for organizations.
  • Signature analysis growing stagnant. Features-wise, solutions are starting to expand on traditional signature analysis to include heuristics and behavioral analysis to identify more unknown attacks.

Impact and Result

  • Prepare to implement IDPS by understanding your organizational (resources, etc.) and architectural (data centers, PCI-DSS zones, etc.) requirements.
  • Understand top competitors in the space and how they can meet your specific requirements in terms of features.
  • Ready your team for deployment and incident response, creating metrics to measure improvement and eventually demonstrate value.

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should select and implement an intrusion detection and prevention system, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.


1. Launch the IDPS project

Assess the value and identify the organization’s fit for IDPS technology, and structure the IDPS selection project.

4. Plan the IDPS implementation

Plan the IDPS implementation and measure the value of the IDPS solution.

Onsite Workshop

Onsite workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost onsite delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

Module 1: Launch Your IDPS Selection Project

The Purpose

  • Identify the advantages of IDPS to your organization.
  • Analyze the costs and benefits of the solution.
  • Prepare for the selection process.

Key Benefits Achieved

  • Understanding of how to quantify the value of the IDPS solution.
  • Justified argument for the cost of the IDPS solution.
  • Formally documented procurement process.

Activities and Outputs

1.1 Identify drivers behind IDPS procurement.

  • Rationale behind the IDPS procurement.

1.2 Assess IDPS appropriateness.

  • Understanding of the appropriateness of the tool.

1.3 Understand cost-benefits of IDPS.

  • Completed IDPS Financial Calculator.

1.4 Identify staff resourcing and stakeholders.

  • Identification of staff and stakeholders.

1.5 Create IDPS selection project plan.

  • Completed IDPS Procurement Project Charter.

1.6 Determine metrics for IDPS evaluation.

  • List of metrics to assess the solution.

1.7 Select pilot group.

  • Pilot group identified to test the solution.

Module 2: Analyze IDPS Requirements and Shortlist Vendors

The Purpose

  • Determine what you need from an IDPS solution.
  • Understand the use case that applies to your organization.
  • Identify the top solutions for your organizational needs.

Key Benefits Achieved

  • Alignment of IDPS requirements with the business.
  • Appraisal and identification of the applicable IDPS use-case scenarios to ensure evaluation of the most relevant features.
  • Effort saved by not evaluating all vendors; focus only on the shortlist.

Activities and Outputs

2.1 Gather and align requirements for IDPS.

  • Documented functional and solution requirements.
  • Aligned requirements for IDPS.

2.2 Determine your best-fit use-case scenario(s).

  • Identified applicable use-case scenarios.

2.3 Review Info-Tech’s vendor evaluation.

  • Formal evaluation of the marketspace.

2.4 Create custom vendor shortlist from relevant scenarios.

  • Shortlist of vendors who provide the best solution given your needs.

Module 3: Plan Your Procurement Process

The Purpose

  • Focus on solution requirements that matter.
  • Streamline the RFP development.
  • Prepare a script for the vendor demo.

Key Benefits Achieved

  • Optimized selection based on relevant requirements.
  • Formalized RFP document.
  • Standardized process to fairly test the products.

Activities and Outputs

3.1 Create and prioritize solution requirements.

  • Prioritized solution requirements.

3.2 Determine key advanced features.

  • Custom IDPS Vendor Landscape Shortlist and Detailed Feature Analysis Tool.

3.3 Create and evaluate RFP document.

  • Completed and optimized RFP document.

3.4 Develop vendor demo script.

  • Comprehensive vendor demo script.

Module 4: Plan Your IDPS Implementation

The Purpose

  • Prepare to implement the IDPS solution.
  • Streamline the hand-off to Operations.

Key Benefits Achieved

  • Defined IDPS implementation plan.
  • Efficient hand-off of the IDPS implementation to Operations.

Activities and Outputs

4.1 Create implementation plan.

  • Formalized implementation plan.

4.2 Re-evaluate metrics for implementation.

  • Confirmed metrics for IDPS.

Search Code: 73757
Published: November 15, 2013
Last Revised: May 22, 2015