|
IDS
mailing list archives
RE: Symantec Manhunt
From: "edward gonzales" <egon007 () msn com>
Date: Thu, 04 Dec 2003 13:55:10 -0800
I wouldn't say illogical.
Decoy server is not a NIDS, it is a honeypot.
Decoy Server (3.1) is the newer version of ManTrap (3.0.x)
HIDS (4.x) is the newer version of ITA (3.x)
Name changes made for the follow on versions. They don't overlap.
I can't speak for the other products mentioned below. I've never used them
IMHO...
Man Hunt positives
==================
- Hibryd detection: signature analysis + anomaly analysis
- Centralized admin, with *correlation* capabilities
- Third party event analysis and correlation (Checkpoint, Snort, ISS,
Tripwire...)
- ManHunt: SW-NIDS (unix platform) and HW-NIDS (iForce appliance)
- High availibility (HA) support
- Reporting capabilities
Man Hunt negatives
==================
- Licen$e (ok, cheaper than ISS and Enterasys, but...)
- Symantec's portfolio is a mess, illogical:
* 2x N-IDS: ManHunt, Decoy Server
* 2x H-IDS: Intruder Alert, HostIDS
* 2x VA: NetRecon, Vulnerability Assessment
* Old stuff: NetProwler, ManTrap
How will it be reorganized? Will Symantec continue with ManHunt?
I hope this helps.
---------------------------------------------------------------------------
---------------------------------------------------------------------------
_________________________________________________________________
Dont worry if your Inbox will max out while you are enjoying the holidays.
Get MSN Extra Storage! http://join.msn.com/?PAGE=features/es
---------------------------------------------------------------------------
---------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
|
Intro
