S Independent and Comprehensive Intrusion Detection Management

Coverage of services and configuration influence the efficiency of Intrusion Detection Systems (IDS). Today, IDS have vendor-specific configurations and this limits a wide coverage of services by IDS. Operations might become complex, in case of usage of multiple systems. Efforts and frame conditions for a multi-vendor IDS implementation under one central administration and notification entity will be demonstrated. This solution provides administrators one consistent front-end for all integrated IDS. The security level will be improved by one central administration entity for the complete IDS solution independent of the respective IDS vendor. Updates and parameter modifications could be done from this supervising point. There is still no constraint to allow a connection from any analyzer to the Internet or the central operations LAN for notifications or to update itself. Managers are independent from the rest of the IDS. IDS of different vendors and analyzing levels are able to manage with one administration interface.