I have a question, is 2 million IDS informational alerts normal for a large enterprise network infrastructure? There are 19 IDS systems total that are generating over 2 million informational alerts per month, is this a normal volume?
I am not sure how many signatures you have enabled so it is hard to tell if it is normal or not. If you are worried about the amount to can change frequency each signature will generate an alert.
I hope this helps.
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.