Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: How to choose an IDS/FW MSS provider

from [Stephane] Network Security [Permanent Link]
Subject: Re: How to choose an IDS/FW MSS provider
Date: Tue, 15 Mar 2005 09:36:18 +0100 


[...]

And what about incident handling and response? If something might happen is your MSS there for Protect & proceed or Pursue & prosecute? Product vendors or normal IT companies entering the MSS market often lack this experience.



How long does Internet Security Systems provide the market with MSS? Is it something growing or not? Could you grow without quality?

For the incident handling response, I am almost sure a serious MSS provider has kinda a list of who to call in case of... with sort of an escalation path in that list. Maybe an MSS consultant keeping his car warm to jump to get to the customer or having a special Delta subscription ;-) I'd really trust a company like ISS because of X-Forces being behind the signatures and other updates thorugh. Who the hell might be better that ISS in terms of IDS experience? If you've got more on this, let us know here.

It looks through the emails that ISS is well known for the apps and not yet really for services deliveries. But, just think about a sales guy having to sell IDS related apps. If he has got an MSS infrastructure to show to potential customers, it looks very good! Of course he can't say to the potential customers who are the MSS customers but this grow the trust on the apps! Like, we've got 1000 IDS, 1500 firewalls... means, 2500 customers trust us already! Why not you? or why don't you buy Site Protector and Proventia? According to what I've red here, I am not surprised ISS is pushing to make MSS growing, it is a question on positionning the Site Protector on a market getting more and more competitive.

Also, based on what I've seen on the www, they do manage CheckPoint. They are by then neutral-vendor, this is very good in a pure ISS commercial prospective and I might not be too surprised if somebody here says that they have just customers with a big bunch of CP firewalls without any IDS (yet!)

Regards,

Stephane

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
--------------------------------------------------------------------------

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  MSSP / IDS Selection, KJP
Next by Date:  RE: How to choose an IDS/FW MSS provider, Dahl-Hansen, Kjetil
Previous by Thread:  Re: How to choose an IDS/FW MSS provider, fuijdancer
Next by Thread:  Re: How to choose an IDS/FW MSS provider, Peter Schawacker
Indexes:  [Date] [Thread] [Top] [All Lists]