Host-based Intrusion Detection Software (HIDS) | Office of Information Technology

Host-based Intrusion Detection Software (HIDS)

Last Updated: 01/27/2016

Overview

CU-Boulder now requires that all highly confidential data servers have host-based intrusion detection software installed and used by the server administrator. To help facilitate this requirement, OIT and IT Security have developed helpful support resources for server administrators, as well as two recommended no-cost solutions called Tripwire Enterprise and OSSEC.

  • Host-based intrusion detection software is required on all highly confidential data servers and recommended for all Internet facing servers.
  • OIT provides two no-cost solutions:
    • Tripwire Enterprise software, license, and training:
      • Windows, Linux, and Unix servers
    • OSSEC resources and training:
      • Macintosh OS X server
    • OIT recommends these solutions and will provide the best level of support for customers who use Tripwire Enterprise or OSSEC.
    • OIT will provide server administrators with a Tripwire Enterprise license after the server administrator attends a training session, conducted on-campus by IT Security.
  • Server administrators can use an alternative solution.

Cost

OIT provides two no-cost solutions (Tripwire and OSSEC).

Who can get it

Host-based intrusion detection software (HIDS) is to be installed and used by the server administrator.

How to get it

Attending a no-cost training session facilitated by IT Security is required to acquire the software and support for both Tripwire Enterprise and OSSEC. These trainings will give you a security refresher, general information about HIDS, and instructions for how to acquire site licenses and help. Contact the IT Security Office to sign up for IT Security training.