Home page logo

basics logo Security Basics mailing list archives

Re: Enterasys D.I.R Vs. Cisco
From: Bernardo Wernesback <bernardosw () gmail com>
Date: Wed, 25 Jan 2006 17:51:18 -0200

Hi Juan,

I've tested DIR in laboratory and it really works well. We had a
Dragon IDS detecting attacks and, when integrated with NetSight Atlas,
applying restrictions to the attacker's switch port.

Cisco does have a similar solution (I believe it's called RBAC) but it
depends on having servers specifically for this solution and, as far
as I know, it is not as complete as Enterasys.

I'd love to hear from people who've used Cisco's solution.

See ya,

On 1/8/06, Juan B <juanbabi () yahoo com> wrote:

I tought to implement Enterasys DIR (dynamic
intrustion response ) on my corporate lan ,this new
thecnology had a Firewall on each swithch port. one
can configure a defailt policy for the entire switch
and with one click enable it on all ports, with
Netsight Atlas and authntication of users with a
backend Ldap server or Active directory I can
configure policy of traffic for each userin the
company this is a Fw for layers 2-4.
I tried to look for similer thechnologies at other
vendors like cisco and they dont have anything. is it
possible with cisco to configure ACL's on LAN switchs?
like in the old 2900 familiy?
and if yes, I dont thing it is managemble....

So what so you think about the DIR? I guess the other
vendors are way behind or am I wrong.

Thnaks !

Yahoo! DSL – Something to write home about.
Just $16.99/mo. or less.

The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]