Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Internal Intrusion Detection/Prevention -- High Throughput -- Snort/Cisco/Others?

From: "Marksteiner, Stefan" <stefan.marksteiner () joanneum at>
Date: Thu, 31 May 2012 09:35:43 +0200
Some time ago I did a little survey on this.
Most of the leading vendors put a lot of energy in building up "real" IPv6 support.  Some of them actually do a nice 
job by now (supporting fragmentation and extension headers).  Of course there is still a lot of r&d to do.  In the end, 
it all comes down to signatures (reputation isn't a big issue right now, due to the lack of proliferation of IPv6). 
There, ratios of big vendors are between 20 and 60% of IPv6 signatures, compared to IPv4 signatures. They add, of 
course, support of IPv6 with the demand for it, which is still low but constantly rising. They try to have a solution 
ready when the big run (and thus, the big money) on IPv6 sets in.

Cheers,

Stefan


-----Ursprüngliche Nachricht-----
Von: listbounce () securityfocus com [mailto:listbounce () securityfocus com] Im Auftrag von Mrs. Y.
Gesendet: Mittwoch, 30. Mai 2012 20:44
An: security-basics () securityfocus com
Betreff: Re: Internal Intrusion Detection/Prevention -- High Throughput -- Snort/Cisco/Others?

You know, I keep *hearing* about "full IPv6 support" from security vendors.  I would like to see what these pricey 
vendor solutions do up against a full IPv6 network fuzzer. Once you fragment or add multiple extension headers, I 
understand they crap themselves.

On 5/30/2012 1:37 PM, Jerry Fraizer wrote:

TippingPoint is a great solution for IPS/IDS.

IPv6 is fully supported, TippingPoint has a false positive rate lower than any other product in the space, 
TippingPoint is designed to be placed in-line to actively mitigate threats. TP is super low latency. To top it off 
the administrative burden is a fraction of other solutions.

Jerry Fraizer, CEH

On May 30, 2012, at 9:54 AM, Henri Salo<henri () nerv fi>  wrote:


On Wed, May 30, 2012 at 09:49:37AM -0400, Jon D wrote:

I'm curious what other people have found to be good fits product 
wise for internal IDS.
Say if you want to monitor a handful of high bandwidth servers on 
the inside network without spending a fortune.

I was thinking about using a Cisco IDS, but they're a little pricey 
for high bandwidth models.


Any thoughts?



Thanks,
Jon


Sourcefire. They really are worth of the money.

- Henri Salo

---------------------------------------------------------------------
--- Securing Apache Web Server with thawte Digital Certificate In 
this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be
442f727d1
---------------------------------------------------------------------
---



----------------------------------------------------------------------
-- Securing Apache Web Server with thawte Digital Certificate In this 
guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it 
benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be4
42f727d1
----------------------------------------------------------------------
--



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and 
who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell 
if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your 
Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing 
management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: