Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: IPS Comparison
From: "Slamet" <slamet () sdt co id>
Date: Fri, 9 Sep 2005 19:12:17 +0700

Hi Harjith,

            Here some list of third party report that may useful for you to
give an idea about comparison of IPS products :
• http://www.tips-it.com/product.php?pid=4
• http://www.nss.co.uk
• Gartner Report (G00123902, "Seven Key Selection Criteria for Network
IPSs", author Greg Young, November 1, 2004)
• http://www.iss.net/resources/pescatore.php (Interview with John Pescatore,
VP and Research Fellow with Gartner, Inc. to discuss the future of Internet
security. In this interview, Pescatore shared his views on a variety of
topics, including vulnerability management, intrusion prevention and the
future landscape of Internet security).

Here some my opinion, when we choosing which IPS product is the best one,
there some factor that we need to consider it. There is a whitepaper (it is
free) from one IPS vendor (ISS) that give some brief explanation about what
criteria need to be consider when choosing an IPS product. I know maybe you
will think that this whitepaper may be not objective one since it created by
some IPS vendor, but my point is maybe this whitepaper can help you give
some idea. You can download the whitepaper at
http://documents.iss.net/whitepapers/ISS_Network_Intrusion_Prevention_White_
paper.pdf


The important thing question that when choosing an IPS is :
• When IPS can detect & blocking the attacks? BEFORE exploit release or
AFTER exploit release and already outbreak around the world?
• IPS vendor protection is based on Exploit-driven (Reactive) or
Vulnerability-driven (Proactive)?
For more information about Exploit-driven vs Vulnerability-driven, please
see whitepaper from ISS (it is free) at
http://documents.iss.net/whitepapers/ISS_Vulnerability_Lifecycle_Whitepaper.
pdf


A better protection is combined between NIPS (Network IPS) & HIPS (Host
IPS). Some IPS vendor doesn’t have HIPS product, so they will say that NIPS
is enough to protect customer enterprise. HIPS & NIPS is complement each
other. You can find more information about HIPS & NIPS is competitor or
partner whitepaper (it is free) from McAfee at
http://www.mcafeesecurity.com/us/local_content/white_papers/wp_host_nip.pdf


Hope it useful for you.

Regards,

Slamet F.

-----Original Message-----
From: jith jith [mailto:jackieoop () yahoo co in] 
Sent: Friday, August 26, 2005 1:52 PM
To: greg () mcpheecomm com
Cc: pen-test () securityfocus com; charbel () cultura com br
Subject: IPS Comparison

Hi, 

Im working as security consultant. currently im
stepping into the IPS market.
I would like to have the comparison sheet between
different IPS products like Radware-Defence Pro, ISS,
McAffe, juniper, Entrasys etc

Plz help me out in the same. 

Thanks and Regards
Harjith


            

            
                        
____________________________________________________
Send a rakhi to your brother, buy gifts and win attractive prizes. Log on to
http://in.promos.yahoo.com/rakhi/index.html



------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
  • RE: IPS Comparison Slamet (Sep 11)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]