The initiative is a long-range plan to upgrade the security of the federal government's networks and comprises a number of separate proposals, most notably an overhaul and expansion of the government's intrusion detection system, known as Einstein. Currently, Einstein is simply a passive traffic-monitoring system that records basic data such as the originating IP address of a packet, its size and where the packet came from and where it is headed. But the data that the system captures is not analyzed in real time, so attacks and other anomalies aren't caught until well after the fact. And, Einstein is a voluntary program and is not in place at all of the federal agencies right now.

If there was one place where you'd think that security would be state-of-the-art and cutting edge, it would be our own federal government networks. I really don't see any necessary trade-off between "security" and "convenience" when it comes down to national security. What do you think a government IDS should have to set the benchmark for security?

The link for this article located at SearchSecurity.com is no longer available.