I've been reading this list for a while, but haven't introduced myself. My name is Dave Bailey and I now do consulting, R&D, and training in computer and network security. In a former life, I was responsible for computer and network security (for about a dozen years) at the Los Alamos National Laboratory in the US. I have several years experience with IDS and once spent most of a year setting up and running and NSM system on a large local network. There is about a decade of research on this subject and a few pilot projects, but very little has reached the product stage. My question is this: Is anyone (or, I suppose, has anyone) implemented and run, in any sort of production sense and IDS system (or is this just an academic interest)? If so, which ones and what experience have you had? Was it successful? ---DB