In our current environment, Central Washington University does not implement any intrusion detection or intrusion prevention systems (IDS/IPS). These systems are network security devices that reside on the network and listens to the traffic. The purpose of these devices is to detect intrusions as they happen and then prevent them from intruding on our network. This includes protocol-based inspection, protection against advanced malware, zero-day attacks, Distributed Denial of Service Attacks, and botnets.
The need for an effective intrusion detection/prevention solution is driven primarily by:
Best practice: We currently do not have any way of detecting intrusions on our network other than from a forensic perspective.
PCI / HIPAA Compliance: Both the PCI and HIPAA federal compliance standards require that an IDS/IPS system is in place.
Cedar Crestone Security Recommendations: The Cedar Crestone security assessment indicates that the implementation of an IDP/IPS system is a critical part of the deployment of the PeopleSoft Portal environment.
Sponsoring Department(s): Security Services Department
Date of Business Case Preparation: 10/8/13
Contact Person Name/Phone: Andreas Bohman / 2499