Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



IDS: RE: Best IPS system?

RE: Best IPS system?

From: Randal T. Rioux <randy_at_procyonlabs.com>
Date: Sat, 10 May 2008 01:40:49 -0400 (EDT)

>> -----Original Message-----
>> From: listbounce_at_securityfocus.com
>> [mailto:listbounce_at_securityfocus.com] On Behalf Of Shelly Beasley
>> Sent: Wednesday, May 07, 2008 3:01 PM
>> To: focus-ids_at_securityfocus.com
>> Subject: Best IPS system?
>>
>> Hello mailing list,
>>
>> I would like to buy the "best" system available to the IPS
>> network of my business. My company has only 200 users, all
>> share an Internet connection (10 m). We now use Sonicwall to
>> connect, but we are concerned about the hostile e-mails,
>> malware websites, and people in piracy. Who produces the best
>> job? Which is most capture hacker attempts? The product
>> should not interfere with operations on the network (all
>> connection is filled by the backup off-site at nite).

On Thu, May 8, 2008 1:09 pm, Andrew Plato wrote:
> That's a SUPER-loaded question. There is no easy answer. And I guarantee
> you will get a wide array of answers and arguments. Questions like yours
> evoke intense emotional responses from some people.

The man speaks the truth here :-)

<snip>
> That said, this is what I would recommend (I am sure it will deeply and
> profoundly offend some people, it always does):
>
> For UTM:
> Fortinet
> WatchGuard
> Juniper SSG
>
> For stand alone IPS:
> TippingPoint
> Juniper
> ISS
<snip>

My two cents: ISS is atrocious. I can't stress that enough. I'm anxious to
see if IBM's purchase helps or hinders their product line.

TippingPoint and Sourcefire have the best IPSs with the smartest team of
engineers behind them. These folks actually have some passion for their
product, just not a great marketing team with glossy brochures. Never had
a problem with them. ISS products on the other hand, failed often, didn't
perform well and had terrible customer service.

As Andrew said, get some demos. Everyone in this market is itching to get
these things in your hands. Some will even stop by, hook it up and show
you. Take advantage and choose wisely.

Good luck,
Randy

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
Received on May 12 2008

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]