| 1. The network administrator shall identify a list of DOD approved host-based and network-based IDSs (e.g., ISS Real Secure, ISS Proventia, Symantec Intruder Alert). |
2. The network administrator shall perform an analysis to determine advantages and disadvantages of individual IDSs identified.
3. The network administrator shall select host-based and network-based IDSs that satisfy the IA requirement and that are suitable to the system and network environment.
4. The network administrator shall install the IDSs in a lab environment, configure the IDSs in accordance with vendor’s security administration guide, and test the installed IDSs for their functionality.
5. The network administrator shall install the IDSs in the operational environment.
6. The project management shall determine who will operate and review the IDSs and the method of managing the IDS (e.g., remote management via VPN in band/out of band, local management)