Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security ISSForum
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [ISSForum] Policy on Proventia A

from [Ballerini, Jean Paul (ISS EMEA)] Network Security [Permanent Link]
Subject: RE: [ISSForum] Policy on Proventia A
Date: Tue, 16 Nov 2004 07:48:07 +0100 
Jason,

This is going to be release at the beginning of next year, and with a
brand new policy editor!

Jean Paul

-----Original Message-----
From: issforum-bounces@atla-mm1.iss.net On Behalf Of Jason Baeder
Sent: Friday, November 12, 2004 4:10 PM
To: issforum@atla-mm1.iss.net
Subject: [ISSForum] Policy on Proventia A

I've just started a new job at a site where SiteProtector and a
Proventia A are already installed. I've not used ISS IDS since RS 5.0,
so please excuse my lack of knowledge should I be raising a "dead"
issue.  I'm only just beginning to catch up on V. 7.0.

The installed Proventia is utilizing all four monitoring NICs, each
connected to a different network segment -- outside _and_ inside the
firewall.  After searching the documentation, the KB and forum
archives, I have come to the conclusion the Proventia A can only have
one policy applied.  I have advised the customer that this is not an
effective IDS strategy.  The customer is aware of this, but stated that
this strategy was taken as he was told by ISS a year ago that "in the
future" the Proventia would allow one to apply distinct policies to
individual NICs.    

I saw a forum posting dated May 2004 which stated, as of that time,
this capability did not exist.

Does ISS have any plans to implement this capability?

Jason Baeder
CISSP, GCIA



                
__________________________________ 
Do you Yahoo!? 
Check out the new Yahoo! Front Page. 
www.yahoo.com 
 

_______________________________________________
ISSForum mailing list
ISSForum@iss.net

TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to
https://atla-mm1.iss.net/mailman/listinfo/issforum

To contact the ISSForum Moderator, send email to mod-issforum@iss.net

The ISSForum mailing list is hosted and managed by Internet Security
Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.



_______________________________________________
ISSForum mailing list
ISSForum@iss.net

TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to 
https://atla-mm1.iss.net/mailman/listinfo/issforum

To contact the ISSForum Moderator, send email to mod-issforum@iss.net

The ISSForum mailing list is hosted and managed by Internet Security Systems, 
6303 Barfield Road, Atlanta, Georgia, USA 30328.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [ISSForum] Information about Proventia Change-State Gap, Dan Widger
Next by Date:  [ISSForum] Reducing the number of events, Mohr James
Previous by Thread:  [ISSForum] Policy on Proventia A, Jason Baeder
Next by Thread:  [ISSForum] Logging of SP console access, Freese, Kai
Indexes:  [Date] [Thread] [Top] [All Lists]