I have been working with this product for a few years. I implemented it on
my network at Morgan Stanley, placing scanners in the DMZ's, outside the
perimetere and scattered throughout the inside of the network scanning every
host as often as it could. The system itself is absolutely mindless to
install, give it its own IP and the ip of the management station and away
you go. Once it is installed it preforms beutifully and requires very
little care and feeding of the devices themselves. You will however need to
be ready to deal with the barrage of data it will send you on all the hosts
that are outside policy. Their support is fantastic and is easy to reach,
but honestly in the two years I had it installed I only needed to reach them
a few times and it was because I wanted to do something with the system that
no one else was using it for.
It was easy to extract the data from the main DB and manipulate it for my
own purposes, since I installed it for myself I have helped to install it at
a couple of client locations and have recently integrated it into a few
Skybox implementations. If you want to ask more questions about it, send me
direct email and we can find a time to talk about it.
Hope that helps..
-Kyle
-----Original Message-----
From: Bongers, Coen [mailto:coen.bongers@logicacmg.com]
Sent: Wednesday, November 23, 2005 6:25 AM
To: pen-test@securityfocus.com
Subject: Experiences with company nCircle and their IP360 product
<Message to moderator: I cross-posted this message, because it might be
an interessting issue for both lists>
Hello people,
As a lurking list-user I have allready seen a lot of good information on
these mailing lists. But now I would like to fire-off a question myself;
Does any of the listmembers have any experience with the security
company nCircle and their products? Their product IP360 in particular
has my interest.
The SanFrancisco and Londen based company has some interesting products
for vulnerabillity management and Intrusion Detection. I've met with
representatives of nCircle at some security-fairs in the past and they
strike me as very professional and capable people. Also their products
seem qualitative to me.
Last weeks I've followed a discussion on best pen-test tools on these
mailing lists, but I cannnot remember seeing anything about nCircle's
products.
So, any input on experience with their products and with the company
(European office) would be appriciated.
Possible subjects (amongst others) for response could be;
-Easo of implementation
-Ease-of-use
-Support quality and speed
-Missing features / unique features
-Ease of integreation with other systems
-Portabillity to other networks
-etc
Met vriendelijke groet / with kind regards,
Coen Bongers
Security Consultant
________________________________________
LogicaCMG
* Coen.Bongers@logicacmg.com <mailto:Coen.Bongers@logicacmg.com>
Website: http://www.logicacmg.com <http://www.logicacmg.com/>
________________________________________________________________________
________________________________________________________________________
____________________________________________________
The information contained in this email and its attachments (if any) is
confidential and may be legally privileged. It is intended solely for
the use of the individual or entity to whom it is addressed and others
authorised to receive it. If you are not the intended recipient you are
hereby notified that any disclosure, copying, distribution or action in
reliance of the contents of this information is strictly prohibited and
may be unlawful. LogicaCMG is neither liable for the proper and complete
transmission of the information contained in this email nor for any
delay in its receipt. If received in error, please contact LogicaCMG on
+31 (0)40 295 77 77 quoting the name of the sender and the addressee and
then delete it from your system. LogicaCMG does not accept any
responsibility for viruses and it is your responsibility to scan the
email and attachments.
________________________________________________________________________
________________________________________________________________________
____________________________________________________
This e-mail and any attachment is for authorised use by the intended
recipient(s) only. It may contain proprietary material, confidential
information and/or be subject to legal privilege. It should not be copied,
disclosed to, retained or used by, any other party. If you are not an
intended recipient then please promptly delete this e-mail and any
attachment and all copies and inform the sender. Thank you.
----------------------------------------------------------------------------
--
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers
do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------------
---
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
