Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: IPS comparison

from [Alexis Villagra - VILSOL LatinAmerica] Network Security [Permanent Link]
Subject: RE: IPS comparison
Date: Tue, 26 Jul 2005 03:54:59 -0500 
check sonicwall IPS at www.sonicwall.com it argues to habe mor e than 1800
ips signatures more than any other

-----Mensaje original-----
De: Lyal Collins [mailto:lyal.collins@key2it.com.au]
Enviado el: Martes, 26 de Julio de 2005 02:11 a.m.
Para: mleroux@lincsat.com; 'Leif Sawyer'; pen-test@securityfocus.com
Asunto: RE: IPS comparison


I'd also suggest get trial boxes/software from the vendor(s) on your short
list, and do a comparison In Your Environment.

Everyone's mileage varies with these products so far - useability.
Configurability, rule/policy creation, false alerts.

Or install Snort with felxresp or inline, and assess what you really need
from an IPS before you buy one.

To be controversial, here's a parting thought for the community:
Since your web/application servers are always your "IPS of last resort"
(i.e. eventually, packets always get to your apps), are IPS products in the
essential category, nice to have category, or a "status" product?
(I actually think they are better for reporting and alerting than the label
IPS suggests)

Lyal



-----Original Message-----
From: Martin [mailto:mleroux@lincsat.com]
Sent: Tuesday, 26 July 2005 9:02 AM
To: 'Leif Sawyer'; pen-test@securityfocus.com
Subject: RE: IPS comparison


A Good start would be to have a look at http://www.nss.co.uk/ it features a
number of products and very well done.

Cheers

-----Original Message-----
From: Leif Sawyer [mailto:lsawyer@gci.com]
Sent: Monday, July 25, 2005 4:34 PM
To: pen-test@securityfocus.com
Subject: RE: IPS comparison


bw [bjshhsjb \@ yahoo.com]  wrote:

I have been tasked with comparing IPS appliances. I am seriously
looking at top layer's product line and tipping point. Does anyone
have a spreadsheet or know of any tool they would be willing to share
for comparing products. Im new to this so any help would be
appreciated


I almost wonder if it's of more importance to review the IDS
collection/analysis engines?

With so much data available, who has time to look at it all, without some
method of distilling it all down to useful data?

Protego (now Cisco MARS), Checkpoint Eventia, ...

are there any others?  There must be.  But with this being such a "new"
model, I haven't seen a lot of information comparing these types of products
yet.



__________ NOD32 1.1177 (20050725) Information __________

This message was checked by NOD32 antivirus system.
  part000.txt - is OK

http://www.eset.com


__________ NOD32 EMON 1.1177 (20050725) information __________

The email was checked by the NOD32 antivirus system:
email from: lyal.collins@key2it.com.au to: mleroux@lincsat.com; 'Leif
Sawyer'; pen-test@securityfocus.com with subject RE: IPS comparison dated
07/26/2005 2:44  - is OK

http://www.eset.com


__________ NOD32 EMON 1.1177 (20050725) information __________

The email was checked by the NOD32 antivirus system:
email with subject RE: IPS comparison dated 07/26/2005 3:54  - is OK

http://www.eset.com
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: IPS comparison, Lyal Collins
Next by Date:  RE: IPS Comparison, Security Focus
Previous by Thread:  RE: IPS comparison, Lyal Collins
Next by Thread:  RE: IPS comparison, Security Focus
Indexes:  [Date] [Thread] [Top] [All Lists]