-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
So Andrew, are you saying that most of our customers routinely
experience 75% hardware failure rates and we're somehow managing to
cover this up or do you think this was an isolated incident? Can you
imagine the cost to us in in terms of overhead for our customers with
100+ sensors if that were a true indication of the reliability of our
gear?
BTW, our IPS appliances offer zero power fail-open NICs as well.
-Marty
On Feb 6, 2006, at 11:04 AM, Andrew Plato wrote:
> Most of these devices are pretty good for reliability. The only
> exception I would make is SourceFire, which back when we sold it had
> abysmal reliability (3 out of 4 boxes we sold to a customer show up
> dead
> or died soon after installation).
>
> TippingPoint sells a zero-power bypass add-on for their IPS. If the
> IPS
> fails in anyway, traffic is passed through the zero-power device. Its
> very easy to add. Juniper does something similar.
>
> -----------------------------------------------
> Andrew Plato, CISSP, CISM
> President/Principal Consultant
> Anitian Enterprise Security
>
> -----------------------------------------------
>
>
>
>
> -----Original Message-----
> From: geek_brigades_at_yahoo.com [mailto:geek_brigades_at_yahoo.com]
> Sent: Thursday, February 02, 2006 8:27 AM
> To: focus-ids_at_securityfocus.com
> Subject: IPS Reliability/Availability
>
> I am working on a big IPS project and I am very concerned about
> installing an inline device in a core enterprise network, where these
> devices have the potential to create big time network outages.
>
> Can you, please, share your possible bad experiences about the
> reliability of the following inline IPS products:
>
> ISS
> TippingPoint
> Juniper IPS
> Sourcefire
> McAfee IntruShield
>
> Have you had any issues with the availability of these devices,
> such as
> fail close crashes or do you have any experience with bypass switches
> that would mitigate the availability issue?
>
> Thanks,
> Mike
>
> ----------------------------------------------------------------------
> --
> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it with real-world attacks from
> CORE IMPACT.
> Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-
> ids_040708
> to learn more.
> ----------------------------------------------------------------------
> --
> _________________________________________________
> NOTICE:
> This email may contain confidential information,
> and is for the sole use of the intended recipient.
> If you are not the intended recipient, please reply
> to the message and inform the sender of the error
> and delete the email and any attachments from
> your computer.
> _________________________________________________
>
> ----------------------------------------------------------------------
> --
> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it
> with real-world attacks from CORE IMPACT.
> Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-
> ids_040708
> to learn more.
> ----------------------------------------------------------------------
> --
>
- --
Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
Sourcefire - Security for the Real World - http://www.sourcefire.com
Snort: Open Source Network IDS - http://www.snort.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
iD8DBQFD9J6Qqj0FAQQ3KOARAiElAJ96YZCSRUWJzU8hQZ2zKIsslDH6RQCfV9K1
sLDLFCtnciiLmvCYHUbPgv8=
=+eOq
-----END PGP SIGNATURE-----
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
Received on Feb 19 2006
Intro
