Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Intrusion Prevention requirements document

from [vendortrebuchet] Network Security [Permanent Link]
Subject: Intrusion Prevention requirements document
Date: Fri, 28 Oct 2005 01:09:31 +0000 
All,

I work on a team that manages signature and behavioral based intrusion 
detection systems today.  We have been tasked with reviewing IPS (or whatever 
vendor name acronym you prefer) in '06.  Our normal process is to put together 
a base requirements document to weed out vendors in the first round through a 
paper excercise and then bring in the best we can identify.  My question is, 
has anyone developed a matrix that identifies key qualifiers in an IPS solution 
(e.g. in-line, fails open/closed, reporting features, etc.).  If so, could you 
provide links or the documents?

If not, what categories are most significant to consider in your expert 
opinions?  What reasons did you choose the solution you have?  What would you 
consider if you had to choose over again, etc?

Thanks in advance for your responses.

VT

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Intrusion Prevention requirements document, vendortrebuchet <=
Previous by Date:  RPC Evasion techniques, tcp fin
Next by Date:  Re: RPC Evasion techniques, Nick Black
Previous by Thread:  RPC Evasion techniques, tcp fin
Next by Thread:  On the definition of false positive - was: Re: location of an IPS, Evil Adam Smith
Indexes:  [Date] [Thread] [Top] [All Lists]