Review the following key questions that should be asked with respect to the technical and policy capabilities of an IDPS.
• What is your systems environment?
• What are the technical specifications of your systems environment?
• What are the technical specifications of your current security protections?
• What are the goals of your enterprise?
• How formal is the systems environment and management culture in your organization?
• What are your security goals and objectives?
• Is the primary concern of your organization to be protected from threats that originate outside of your organization?
• Is your organization concerned about insider attacks?
• Does your organization want to use the output of your IDS to determine new needs?
• Does your organization want to use an IDPS to maintain managerial control over network usage?
• What is your existing security policy?
• How is it structured?
• What are the general job descriptions of your system users?
• Does the policy include reasonable use policies or other management provisions?
• Has your organization defined processes for dealing with specific policy violations?