Intrusion Detection Systems mailing list archives

Re: Cisco NetRanger

From: SGariepy () quebectel-ami com (SGariepy () quebectel-ami com)
Date: Wed, 6 Oct 1999 00:02:29 -0400




What does that mean exactly, does that mean that NS NetRanger has NT
related security check or just
that it will work on the NT HPOV  ?

Is there any information avalaible somewhere about what NetRanger support
as attack recognition ?  It would be helpful in an IDS evalutation...

thanks
Stephan

                                                                                              
                    tim shea                                                                  
                    <tishea@cisco        To:     Carric Dooley <carric () com2usa com>, Johann   
                    .com>                van Duyn <johann () appleton co za>                     
                    Sent by:             cc:     ids () uow edu au                               
                                        owner-ids@uow        Subject:     Re: IDS: Cisco NetRanger                
                    .edu.au                                                                   
                                                                                              
                                                                                              
                    10/05/99                                                                  
                    12:36 PM                                                                  
                                                                                              
                                                                                              

NOTE: Remove this section from reply msgs otherwise the msg will bounce
________________________________________________________
Ce message a été analysé par un logiciel contre les virus, le vandalisme 
électronique et les fichiers joints de nature suspecte. Ce message est 
INOFFENSIF.
.

Actually, NT support is now available under HPOV Node Sentry for NetRanger.
t

At 11:55 PM 10/4/1999 -0400, Carric Dooley wrote:

FAQ: See http://www.ticm.com/kb/faq/idsfaq.html
IDS: See http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems... email questions to ids-owner () uow edu au
NOTE: Remove this section from reply msgs otherwise the msg will bounce.
SPAM: DO NOT send unsolicted mail to this list.

---
I am sort of in the process of evaluating several IDS's (RealSecure, Axent
NetProwler, Cisco NetRanger, & NFR).  It has been slow going lately, but I
hope to give it more attention in the future.

I can tell you this.  Sit down and think about what you need from an
intrusion detection system.  Does it need to be all NT and no Solaris?
Forget NetRanger and NFR for now.  Do you want a black box solution or do
you have the on sight expertise to build everything yourself?  How many
engines do you need, and to what degree do you need your NIDS to be
manageable on an enterprise scale?  How much do you want to spend?

Once you have considered most of these questions, the choice will be a lot
easier.  All of the products will claim a very similar degree of
effectiveness.  Pick what will fit the best into your environment.

On Mon, 4 Oct 1999, Johann van Duyn wrote:

Hi...

Does anyone here have much experience with Cisco's NetRanger? Any

thoughts

on its effectiveness, especially compared to Axent IntruderAlert,

CyberCop,

or any other products out there?

Any information gained from hands-on experience would be welcomed,
especially if you are able to compare it to other stuff out there.

Thanks.


***The Appleton Group Ltd***

This message, including any attachments, is intended only for the

individual

or institution to which it is addressed and may contain information that

is

privileged, confidential or prohibited from disclosure or unauthorized

use.

If the recipient of this transmission is not the intended recipient, you

are

hereby notified that any use, reproduction dissemination, copying,
disclosure, modification, distribution and/or publication of this email
message or any of its attachments other than by its intended recipient

is

strictly prohibited by the sender. If you have received this message in
error, please notify The Appleton Group Ltd immediately at
postmaster () appleton co za and destroy the message and all copies thereof

in

your possession.

****************************


___________________________________________________________________
Cisco Systems, Inc.
Tim Shea - TME
MOBILE: 602-617-0286                                    |          |
EFAX: 503-210-9461                                       :|:        :|:
EMAIL: tishea () cisco com                             :|||:       :|||:

________________________________________________________
Ce message a été analysé par un logiciel contre les virus, le vandalisme
électronique et les fichiers joints de nature suspecte. Ce message est
INOFFENSIF.
..:|||||||:....:|||||||:..
                                           c i s c o S y s t e m s
                                ...Empowering the Internet Generation...

__________________________________________________________________
OFFICE: 2390 E. Camelback Road, Suite 120 Phoenix, AZ 85016

Current thread:

Re: Cisco NetRanger SGariepy () quebectel-ami com (Oct 05)
- Re: Cisco NetRanger Carric Dooley (Oct 06)
- Re: Cisco NetRanger Greg Shipley (Oct 07)
- <Possible follow-ups>
- Re: Cisco NetRanger Dano (Oct 06)