Following up on last week’s post about Security Information & Event Management (SIEM) devices, I decided to delve a bit deeper into intrusion detection and prevention (IDS/IPS), as it’s one of those technologies that required adaptation to work with virtualization. If you run a virtualized or cloud environment, I’m sad to tell you that unless you recently purchased a virtualized IDS/IPS device, your current device works fantastic on your network, but is not seeing anything that is going on in your VM environment. Why is that? Let me explain… Continue reading →