Careful thought and planning are necessary before Gem Infosys installs an Intrusion Detection System (IDS) on its network. Besides technical issues and product selection, resource issues are another serious factor: manning the sensor feeds, product expenses and infrastructure support must also be kept in mind.
These systems could be any workstation, server or other network peripheral such as a router. The IDS runs as a service or a process and is able to monitor the network traffic on the host system. A "threat signature" database is present so that the system is not vulnerable to threats seen in the past. Microsoft, Cisco and Tripwire are some of the companies that deal in these IDS systems (Spafford, Zamboni, 2000).
2. Network Based IDS: These are systems that capture and analyze packets on the wire. Network based IDS are used to protect all the systems on the network, unlike host based IDS, which are built for a single system. After capturing the packets on the network, they send them to the IDS console for inspection. Major vendors include Cisco and Symantec.
As Gem Infosys is a small software company with just 10 PCs and a broadband connection, it should not face much difficulty with an IDS. But IDS solutions can sometimes raise false alarms that may result in incorrect distribution of information. Inadequate capability and poor configuration choices are the major causes of this kind of problem. In addition, many products need to be kept updated and well managed, for example by keeping their sensors up to date, to avoid such problems.
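The signature matching and the false alarm problem described above can be seen in a small sketch. This is an added example, not taken from any vendor's product: the signature IDs, patterns and traffic lines are all constructed for illustration. It runs the same traffic through a loosely written signature set and a tuned one and counts true alarms, false alarms and misses.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Signature:
    sid: int             # hypothetical signature ID
    name: str
    pattern: re.Pattern  # compiled bytes pattern matched against the payload

# Poorly configured set (constructed): bare keywords match benign traffic too.
BROAD = [
    Signature(1, "sql keyword", re.compile(rb"select", re.I)),
    Signature(2, "passwd keyword", re.compile(rb"passwd", re.I)),
]

# Tuned set (constructed): patterns require the suspicious context as well.
TUNED = [
    Signature(1, "sql union select", re.compile(rb"union\s+select", re.I)),
    Signature(2, "traversal to passwd", re.compile(rb"\.\./.*etc/passwd", re.I)),
]

# Constructed sample traffic: (payload, is_actually_malicious)
TRAFFIC = [
    (b"GET /shop?item=7&selected=true HTTP/1.1", False),
    (b"POST /account/change-passwd HTTP/1.1", False),
    (b"GET /item?id=1 UNION SELECT name FROM users HTTP/1.1", True),
    (b"GET /download?file=../../etc/passwd HTTP/1.1", True),
    (b"GET /index.html HTTP/1.1", False),
]

def inspect(payload, signatures):
    """Return the IDs of every signature that matches the payload."""
    return [s.sid for s in signatures if s.pattern.search(payload)]

def evaluate(signatures, traffic):
    """Count true alarms, false alarms and missed threats for a signature set."""
    counts = {"true_alarm": 0, "false_alarm": 0, "missed": 0}
    for payload, malicious in traffic:
        alerted = bool(inspect(payload, signatures))
        if alerted and malicious:
            counts["true_alarm"] += 1
        elif alerted:
            counts["false_alarm"] += 1
        elif malicious:
            counts["missed"] += 1
    return counts

if __name__ == "__main__":
    print("broad:", evaluate(BROAD, TRAFFIC))
    print("tuned:", evaluate(TUNED, TRAFFIC))
```

Both sets catch the two malicious requests, but the broad set also alerts on two ordinary requests, which is the kind of false alarm a small team would have to triage by hand.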