Michael Puldy - IBM Emergency Response Service
Students: Spring 2024, unless noted otherwise, sessions will be virtual on Zoom.
Lessons Learned in the Implementation of a Multi-Location Network Based Real-Time Intrusion System
Nov 20, 1998
Abstract
This presentation will highlight IBM's Emergency Response Service's implementation of a multi-location real time intrusion detection system. After evaluating multiple technologies, IBM ERS settled on a network based intrusion detection system to monitor internet traffic. Although the technology of a network based intrusion system is relatively straightforward, the operational and response aspects of a multi-site implementation created a number of opportunities. Issues on scalability, categorization of attacks, signature updates, and general remote management of network based RTID sensors, and how IBM ERS overcame these obstacles will be discussed. Moreover, through various installations of this hardware, across multiple industries, IBM ERS has created a unique database containing the types and the quantities of attacks on internet hosts and firewalls within the United States. Finally, the presentation will discuss operational and financial issues surrounding the establishment of a 24x7 network security operations center.About the Speaker
Prior to Emergency Response Service, Michael was involved in the development and operational implementation for IBM's large business recovery center in Boulder, Colorado, USA. In addition to Michael's tenure at IBM, Michael has over 15 years experience working in various industries including banking, aerospace and government. He has a BS in Computer Science, from Clemson University, and a Masters of Business Administration from the University of North Florida.
Ways to Watch
