ISM-1030

A NIDS or NIPS is located immediately inside the outermost firewall for gateways and configured to generate event logs and alerts for network traffic that contravenes any rule in a firewall ruleset.

Topic
Using Network-based Intrusion Detection and Prevention Systems
Applicable to
all
Priority
recommended

History

Mar 2022
A NIDS or NIPS is located immediately inside the outermost firewall for gateways and configured to generate event logs and alerts for network traffic that contravenes any rule in a firewall ruleset.
Miscellaneous changes were made to rationale and recommendations throughout the publication to clarify content without changing intent. This included a review from the Guidelines for System Hardening chapter through to the Guidelines for Data Transfers chapter.
2015
NIDS/NIPS located behind a firewall should be configured to generate a log entry, and an alert, for any information flows that contravene any rule in the firewall rule set.
2010
It is recommended that in addition to defined configuration requirements, IDSs located inside a firewall be configured to generate a log entry, and an alert, for any information flows that contravene any rule in the firewall rule set.
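As an added illustration of the check this control describes (example code, not part of the ISM or any vendor's product), the following Python sketch evaluates flows observed by a sensor sitting inside the firewall against a constructed firewall ruleset and emits an event-log line for every flow the ruleset would have denied. Because the sensor is behind the firewall, any such hit means traffic got through that the ruleset says should not have, which is exactly what the control wants logged and alerted on. The ruleset, addresses and flows are constructed for illustration.

```python
from collections import namedtuple
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple

# action is "allow"/"deny"; proto is "tcp", "udp" or "any"; src/dst are CIDRs;
# dport is a destination port or None for any port
Rule = namedtuple("Rule", "action proto src dst dport")
Flow = namedtuple("Flow", "proto src dst dport")

def rule_matches(rule: Rule, flow: Flow) -> bool:
    # protocol, both addresses and the destination port must all fit the rule
    return (rule.proto in ("any", flow.proto)
            and ip_address(flow.src) in ip_network(rule.src)
            and ip_address(flow.dst) in ip_network(rule.dst)
            and rule.dport in (None, flow.dport))

def evaluate(ruleset: List[Rule], flow: Flow) -> Tuple[str, Optional[int]]:
    # first-match evaluation; no match at all means the implicit default deny
    for index, rule in enumerate(ruleset):
        if rule_matches(rule, flow):
            return rule.action, index
    return "deny", None

def audit_flows(ruleset: List[Rule], flows: List[Flow]) -> List[str]:
    # one event-log line per observed flow the ruleset would have denied:
    # the sensor sits inside the firewall, so such a flow should never be seen
    events = []
    for flow in flows:
        action, index = evaluate(ruleset, flow)
        if action == "deny":
            reason = "no allow rule" if index is None else f"deny rule {index}"
            events.append(f"ALERT contravention proto={flow.proto} src={flow.src} "
                          f"dst={flow.dst}:{flow.dport} ({reason})")
    return events

# constructed ruleset and sample flows for illustration (not from the ISM)
RULESET = [
    Rule("allow", "tcp", "0.0.0.0/0", "10.0.0.0/24", 443),
    Rule("allow", "udp", "10.0.0.0/24", "10.0.0.53/32", 53),
    Rule("deny", "any", "0.0.0.0/0", "0.0.0.0/0", None),
]
OBSERVED = [
    Flow("tcp", "203.0.113.5", "10.0.0.10", 443),    # permitted by rule 0
    Flow("tcp", "203.0.113.5", "10.0.0.10", 22),     # contravenes: hits deny rule 2
    Flow("udp", "10.0.0.7", "10.0.0.53", 53),        # permitted by rule 1
    Flow("tcp", "198.51.100.9", "10.0.0.20", 3389),  # contravenes: hits deny rule 2
]
```

Running `audit_flows(RULESET, OBSERVED)` yields two alert lines, one for the SSH flow and one for the RDP flow; a ruleset with no explicit deny rule reports the implicit default deny as "no allow rule".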