IDS: RE: Fortinet IDS

[Ron Gula <rgula () tenablesecurity com>]

At 10:07 AM 7/26/2004 -0500, JAVIER OTERO wrote:
> The number of virus and IDS/IPS is very limited, the performance is too 
> afected.
> internet <--------> FW&IDP&AV&... <--------> LAN
>                         |                     |
>                    Only this trafic          Internal attacks &
>                    is reviewed               virus are not reviewed
>
> Remember the 2 basic security principles:
> Minimun privileges
> Function separation <<<
... but I only have $500 to spend on my DSL/T1 firewall.

I think most of the things that have been said about Fortinet
are true. That being said, we have one here and really like
it. We added support for it to our Lightning Console a few
quarters ago due to customer demand. They liked the fact
that it ran Snort signatures, that it stopped a majority of
their virus traffic, was one box, .etc., .etc

Ron Gula, CTO
Tenable Network Security
NeVO - http://www.tenablesecurity.com/nevo.html
100% Passive Scanning & Instant Vulnerability Assessments


--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE
IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
--------------------------------------------------------------------------