RE: Top IPS vendors - please read for invitation to Network World review.

[Mark Teicher <mht3 () earthlink net>]

Zach,

You are exactly correct, PREVENTION is key to the technology, most IPS 
products that are available today have an underlying IDS piece with some 
basic PREVENTION functionality (i.e. TCP SNIPE, TCP RESET), but not enough 
PREVENTION to fully analyze the transaction. IPS are not easily applicable 
to SAP based applications..

/mark

At 10:36 PM 8/27/2003, Zach Forsyth wrote:

> >-----Original Message-----
> >From: Mark Teicher [mailto:mht3 () earthlink net]
> >Sent: Wednesday, 27 August 2003 22:30 PM
> >To: Paul Schmehl; focus-ids () securityfocus com; seth.knox () sygate com
> >Subject: Re: Top IPS vendors - please read for invitation to Network
> World review.
> >
> >
> >The real question I have is what defines an IPS product versus an IDS..
> IDS
> >is obvious, but IPS, it is a very tough definition
>
> Intrusion DETECTION system
>
> Intrusion PREVENTION system
>
> Seems fairly fundamental to me...I think I know what you are trying to
> say though, keep referring back to the word prevention :)


---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world’s premier 
technical IT security event.  Modeled after the famous Black Hat event in 
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.  
Symanetc is the Diamond sponsor.  Early-bird registration ends September 6 Visit: www.blackhat.com
---------------------------------------------------------------------------