Ask the Expert

Differences between open-source and commercial IDS

What is the difference between open-source IDS (Snort) and a paid IDS (hardware IDS)?

    Requires Free Membership to View

IDS systems can be gathered into a couple of broad categories as to how they function. These usually fall along the lines of how the specific system detects violations. Therefore they may detect errors by looking at a deviation from normal activity or by means of a signature. Snort is a signature based IDS. Snort requires that you setup specific signatures that it is to alert you to should they be detected. Snort is also an open source product. The question as to what is better, open source or paid is open for debate. It's much like saying you would you prefer running an open source OS like Linux or commercial one like Windows. A commercial IDS will most likely offer you a support and maintenance should things go wrong or you need help. While you may not get that with Snort you do have access to a large user base that runs the application and are ready and willing to help. Many people are more comfortable with a commercial tool, while others simply don't have the resources or capital to afford a commercial IDS. Commercial IDS systems may have you wait for update, while open source solutions can be updated at any time. Regardless of what IDS you choose to install plan to spend a week or more setting it up and configuring it. After all that's the real task here is having it configured in such a way as to detect bad behavior and ignore non-problems.

This was first published in August 2006

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: