Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: MSSP / IDS Selection

from [Mark Teicher] Network Security [Permanent Link]
Subject: Re: MSSP / IDS Selection
Date: Wed, 16 Mar 2005 16:40:52 -0500 (GMT-05:00) 
Are you looking for opinions regarding outsourcing managed security services 
versus internally.  If your organization brings the managed of security 
services in house, it is very hard to sue an internal person or internal 
department for doing something silly, but if you are being monitored by a 
managed security service who have service level agreements, it is much easier 
to to sick some lawyerly type people or contract beedy eyed people at them.  
The bigger issues with MSS/MSP's is quality of service, how much for how 
little, if you pay this much money, how much do you get in return on reporting, 
analyzt, provisioning, etc.

The biggest concern with outsourcing managed security services is you get what 
you pay for, unless some offer manager tells you different, if they say "plus 
you got all of this plus a big mean grumbly guy out of NC who will call every 
once in a while to tell you someone is rattling your network door knobs", it 
might not be so bad then :)



-----Original Message-----
From: KJP <kjp011975@gmail.com>
Sent: Mar 13, 2005 5:51 PM
To: focus-ids@securityfocus.com
Subject: MSSP / IDS Selection

I have spent much time researching various MSSP's NetSec, Verisign,
Counterpane, and LURHQ for my company.  After much research we decided
to go with Verisign for numerous reasons.  After selecting Verisign we
began narrowing down pricing.  On a monthly level the pricing looks
ok, until you look at it at a yearly level the pricing starts to get
scary.

We looked into doing the same service internally using Snort.  I
remembered the comercial implentation of Sourcefire and began
researching it.  It appears to offer services that Snort does not, RNA
and Defense Center offer the pieces missing from Snort, plus it
packages the support so I don't need to worry about hardware support,
OS support, etc.

What are the opinions of Snort and Sourcefire versus ISS, Cisco,
Enterasys, Symantec?

Thanks in advance.

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------





--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: MSSP / IDS Selection, Phil Hollows
Next by Date:  Re: How to choose an IDS/FW MSS provider, Dave Aitel
Previous by Thread:  RE: MSSP / IDS Selection, Phil Hollows
Next by Thread:  IDS signatures order, Sergey V Soldatov
Indexes:  [Date] [Thread] [Top] [All Lists]