When deploying a NIDS or NIPS in non-internet gateways, it is configured for anomaly-based detection rather than signature-based detection.
Topic
Using Network-based Intrusion Detection and Prevention Systems
Applicable to
all
History
Priority
must
Jun 2022
Removed
The recommendation to configure NIDS or NIPS in non-internet gateways for anomaly-based detection rather than signature-based detection was removed to allow organisations to configure their NIDS or NIPS as they see fit.
Mar 2022
When deploying a NIDS or NIPS in non-internet gateways, it is configured for anomaly-based detection rather than signature-based detection.
Miscellaneous changes were made to rationale and recommendations throughout the publication to clarify content without changing intent. This included a review from the Guidelines for System Hardening chapter through to the Guidelines for Data Transfers chapter.
2017
When deploying NIDS/NIPS in non-internet gateways, they must be configured to monitorunusual patterns of behaviour or traffic flows, rather than detect specific internet-basedcommunication protocol signatures.
Control Text Changed. No public explaination.
2015
When deploying NIDS/NIPS in non-internet gateways, they must be configured to monitorunusual patterns of behaviours or traffic flows, rather than detect specific internet-basedcommunication protocol signatures.