Network Security: Detailed info on RE: eEye Blink and other Endpoint IPS solutions.

Subject:	RE: eEye Blink and other Endpoint IPS solutions.
Date:	Tue, 28 Jun 2005 09:18:58 -0500

Mina,

I work with Cisco Security Agent on a daily basis.  I have yet to find
any significant performance issues.  PC's today are so fast that the
processor utilization of such software is not noticeable.  If you are
talking older sub GHz machines, this may be a different story.  Network
intrusion prevention\detection does not keep your users from downloading
viruses nor does it prevent the threat of internal attacks.  I have
personally seen CSA stop 0 day viruses in my network.  Since CSA is
behavioral based, not signature based like NIDS or NIPS, it prevents
known and unknown threats.  You should look into it.  I have not
personally used Blink, I have used some of Eeye's other products and
have no complaints.  But I have had customers demo both Blink and CSA
side by side, and they ended up purchasing CSA.  

 


Billy

-----Original Message-----
From: mashraf@hushmail.com [mailto:mashraf@hushmail.com] 
Sent: Monday, June 27, 2005 6:05 AM
To: focus-ids@securityfocus.com
Subject: eEye Blink and other Endpoint IPS solutions. 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

Is there anyone out there using Host Based Intrusion Detection systems
like eEye's Blink that would care to comment on their performance? What
I'd like to know is what kind of impact they have on system performance
and how their effectiveness compares to NIPS.
They seem to be far cheaper for small to medium size businesses and
would seem to avoid the question of whether the IPS can handle network
traffic greater than 1Gbs. Or am I trying to compare apples and oranges?

Thanks,
Mina
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.4

wkUEARECAAYFAkK/3WcACgkQbCO63n74eTMykQCdHVG9qBTDlM+hTCbpXyaMeYfgCGEA
mNG0NCAshWhaO/l1k+qYHHq9PqM=
=c6ai
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get secure FREE email:
http://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
http://www.hushmail.com/services-messenger?l=434

Promote security and make money with the Hushmail Affiliate Program: 
http://www.hushmail.com/about-affiliate?l=427


------------------------------------------------------------------------
--
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
--




--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
eEye Blink and other Endpoint IPS solutions., mashraf RE: eEye Blink and other Endpoint IPS solutions., Alex Arndt Re: eEye Blink and other Endpoint IPS solutions., Mark Teicher RE: eEye Blink and other Endpoint IPS solutions., Billy Dodson <=

Previous by Date:	Re: eEye Blink and other Endpoint IPS solutions., Mark Teicher
Next by Date:	Re: Re: FW: IDS Signature Confidence, bbhikkaji
Previous by Thread:	Re: eEye Blink and other Endpoint IPS solutions., Mark Teicher
Indexes:	[Date] [Thread] [Top] [All Lists]