Q

Differences between open-source and commercial IDS

Here, Michael Gregg explains the differences between open-source and a commercial IDS.

What is the difference between open-source IDS (Snort) and a paid IDS (hardware IDS)?

IDS systems can be gathered into a couple of broad categories as to how they function. These usually fall along the lines of how the specific system detects violations. Therefore they may detect errors by looking at a deviation from normal activity or by means of a signature. Snort is a signature based IDS. Snort requires that you setup specific signatures that it is to alert you to should they be detected. Snort is also an open source product. The question as to what is better, open source or paid is open for debate. It's much like saying you would you prefer running an open source OS like Linux or commercial one like Windows. A commercial IDS will most likely offer you a support and maintenance should things go wrong or you need help. While you may not get that with Snort you do have access to a large user base that runs the application and are ready and willing to help. Many people are more comfortable with a commercial tool, while others simply don't have the resources or capital to afford a commercial IDS. Commercial IDS systems may have you wait for update, while open source solutions can be updated at any time. Regardless of what IDS you choose to install plan to spend a week or more setting it up and configuring it. After all that's the real task here is having it configured in such a way as to detect bad behavior and ignore non-problems.
This was first published in August 2006

Dig deeper on Network Security Best Practices and Products

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchSDN

SearchEnterpriseWAN

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close