NIST SP 800-94 Rev. 1 (Initial Public Draft)

Guide to Intrusion Detection and Prevention Systems (IDPS)

Date Published: July 2012
Comments Due: August 31, 2012 (public comment period is CLOSED)
Email Questions to: 800-94comments@nist.gov

Planning Note (07/15/2022): This draft document has been retired. The inputs and comments to the draft were no longer applicable to the relevant threat models. NIST will announce when it initiates work to provide new guidance for IDS/IPS.

Author(s)

Karen Scarfone (Scarfone Cybersecurity), Peter Mell (NIST)

Announcement

NIST announces the public comment release of Draft Special Publication (SP) 800-94 Revision 1, Guide to Intrusion Detection and Prevention Systems (IDPS). This publication describes the characteristics of IDPS technologies and provides recommendations for designing, implementing, configuring, securing, monitoring, and maintaining them. The types of IDPS technologies are differentiated primarily by the types of events that they monitor and the ways in which they are deployed. This publication discusses the following four types of IDPS technologies: network-based, wireless, network behavior analysis (NBA), and host-based. Draft SP 800-94 Revision 1 updates the original SP 800-94, which was released in 2007.

Abstract

Keywords

information security; intrusion detection

Control Families

Audit and Accountability; Incident Response; Planning

Documentation

Publication:
Draft SP 800-94 Rev. 1 (pdf)

Supplemental Material:
None available

Document History:
07/25/12: SP 800-94 Rev. 1 (Draft)