Re: IDS / IPS appliances

[<Steve.Cummings () barclayscapital com>]

Another worth consideration is iss possibly even nai

Places to look are gartner magic quadrant, nss, tolly group

Would strongly recommend nss reports.


 

-----Original Message-----
From: Ed Smith <esmith () bcc ctc edu>
To: security-basics () securityfocus com <security-basics () securityfocus com>
Sent: Fri Sep 09 20:33:52 2005
Subject: IDS / IPS appliances

Hello List!

For the last few months I've been running the Henwen Snort package on a
Mac. When I talked to a senior network admin about expanding this to
full-fledged Snort running on a dedicated server, he told me there is
increased interest among our decision-makers in intrusion detection, and
I was asked to research some IDS applicances for purchase consideration.

Up to this point I've restricted myself to freeware (for budgetary
reasons), so I have little knowledge of and no experience with
commercial IDS offerings. So far I've looked at solutions from Cisco,
Tipping Point, Cyberguard, Deepnines, and Captus, and have gathered a
number of tech reports and datasheets to compare. I'd really like to
solicit opinions, recommendations, experiences, and feedback from
members of the security community who are more familiar with commercial
products than I am.

At this point I am open to both dedicated appliances as well as
software-based solutions. We already have firewalls and VPN set up, so I
am not looking as closely at products that bundle these features
together with IDS/IPS; I am more interested in IDS/IPS specific
products.

If anyone would be willing to take a moment and share their knowledge of
commercial IDS products I would be very grateful.

Thanks very much in advance.

Edward Smith
esmith () bcc ctc edu 



------------------------------------------------------------------------
For more information about Barclays Capital, please
visit our web site at http://www.barcap.com.


Internet communications are not secure and therefore the Barclays 
Group does not accept legal responsibility for the contents of this 
message.  Although the Barclays Group operates anti-virus programmes, 
it does not accept responsibility for any damage whatsoever that is 
caused by viruses being passed.  Any views or opinions presented are 
solely those of the author and do not necessarily represent those of the 
Barclays Group.  Replies to this email may be monitored by the Barclays 
Group for operational or business reasons.

------------------------------------------------------------------------