Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: IPS comparison

from [DokFLeed] Network Security [Permanent Link]
Subject: Re: IPS comparison
Date: Tue, 26 Jul 2005 13:16:46 +0400 
bw,
I made something similar lately,
first of all start with http://www.nss.co.uk/
personally I would go with TopLayer, the only once passed both tests.

another thing, take a look at the products history, things like
who started as an IPS not an IDS, who is ASIC based , how many proven concurrent connections it can handle ,
does it follow a protocol analysis or signatures throw & catch.

finally for reference if it makes any sense
· The lack of a stateful firewall for all connections and policy control. A hardware limit of 10,000 signatures, which can all be used up if diverse policies are specified for different segments or IP addresses with existing signatures, leaving no room for expansion.
· The lack of effective high availability solutions that increase performance and scalability cannot reliably support asymmetry in networks HA decreases performance significantly.
· Lack of network infrastructure class reliability, required for in-line deployments.
· Close to 100% reliance on IDS like signatures for protection. Digital Vaccine, or automatic signature updates on an inline infrastructure device is thus necessary, and poses a risk of automated blocking of real world business traffic, and potentially violates network change control policies.
· No real world Denial of Service (DoS) or DDoS protection.
· Built around an off the shelf Layer 2 switch ASIC and off the shelf network processors, even claimed latency at between 1ms and 215 ?s is too high for inline deployments.

TopLayer series handle around 30,000 connection with a latency of 0.04 ms and 0.08 ms with deep inspection enabled

Please disregard it, if it does not make any sense :)

DokFLeed
Smoke Dope, Eat Soap, Fly Home in a Bubble

----- Original Message ----- From: "bw" <bjshhsjb@yahoo.com>
To: <pen-test@securityfocus.com>
Sent: Monday, July 25, 2005 8:52 PM
Subject: IPS comparison


I have been tasked with comparing IPS appliances. I am
seriously looking at top layer's product line and
tipping point. Does anyone have a spreadsheet or know
of any tool they would be willing to share for
comparing products. Im new to this so any help would
be appreciated

thank you

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: IPS Comparison, Security Focus
Next by Date:  RE: IPS comparison, Security Focus
Previous by Thread:  IPS comparison, bw
Next by Thread:  RES: IPS comparison, Charbel Chalala Issa
Indexes:  [Date] [Thread] [Top] [All Lists]