Intrusion Detection Systems mailing list archives
Re: Cisco NetRanger
From: sedanod () excite com (Dano)
Date: Wed, 06 Oct 1999 17:19:46 PDT
There is an excellent article in NETWORK COMPUTING; 09/20/99 that compares Netranger and ISS's RealSecure. Both are Network based IDS platforms. All I can say is that we used Netranger since 1997 and this article hits it right on the head. Although Netranger is a very robust tool, Realsecure seems to win out on documentation and support... I can attest to that, the Netranger documentation and support needed work. I can only hope that after Wheelgroup was bought by Cisco it will improve. documentation... look closely at Realsecure as an enterprise wide IDS tool. Thanks, Dan On Wed, 6 Oct 1999 00:02:29 -0400, SGariepy () quebectel-ami com wrote:
FAQ: See http://www.ticm.com/kb/faq/idsfaq.html IDS: See http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html HELP: Having problems... email questions to ids-owner () uow edu au NOTE: Remove this section from reply msgs otherwise the msg will bounce. SPAM: DO NOT send unsolicted mail to this list. --- What does that mean exactly, does that mean that NS NetRanger has NT related security check or just that it will work on the NT HPOV ? Is there any information avalaible somewhere about what NetRanger suppo= rt as attack recognition ? It would be helpful in an IDS evalutation... thanks Stephan = =20 tim shea = =20 <> <tishea@cisco To: Carric Dooley <carric@= com2usa.com>, Johann =20 .com> van Duyn <> .com> van Duyn <johann () appleton co.z= a> =20 Sent by: cc: ids () uow edu au = =20 > owner-ids@uow Subject: Re: IDS: Cisco Ne= tRanger =20 .edu.au = =20 = =20 = =20 10/05/99 = =20 12:36 PM = =20 = =20 = =20 FAQ: See http://www.ticm.com/kb/faq/idsfaq.html IDS: See http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html HELP: Having problems... email questions to ids-owner () uow edu au NOTE: Remove this section from reply msgs otherwise the msg will bounce= ________________________________________________________ Ce message a été analysé par un logiciel contre les virus, le vandalisme électronique et les fichiers joints de nature suspecte. Ce message est INOFFENSIF. . SPAM: DO NOT send unsolicted mail to this list. -----------------------------------------------------------------------= ---- --- Actually, NT support is now available under HPOV Node Sentry for NetRan= ger. t At 11:55 PM 10/4/1999 -0400, Carric Dooley wrote:FAQ: See http://www.ticm.com/kb/faq/idsfaq.html IDS: See http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html HELP: Having problems... email questions to ids-owner () uow edu au NOTE: Remove this section from reply msgs otherwise the msg will bounc=e.SPAM: DO NOT send unsolicted mail to this list.-----------------------------------------------------------------------= ------- I am sort of in the process of evaluating several IDS's (RealSecure, A=xentNetProwler, Cisco NetRanger, & NFR). It has been slow going lately, b=ut Ihope to give it more attention in the future. I can tell you this. Sit down and think about what you need from an intrusion detection system. Does it need to be all NT and no Solaris?=Forget NetRanger and NFR for now. Do you want a black box solution or=doyou have the on sight expertise to build everything yourself? How man=yengines do you need, and to what degree do you need your NIDS to be manageable on an enterprise scale? How much do you want to spend? Once you have considered most of these questions, the choice will be a=loteasier. All of the products will claim a very similar degree of effectiveness. Pick what will fit the best into your environment. On Mon, 4 Oct 1999, Johann van Duyn wrote:Hi... Does anyone here have much experience with Cisco's NetRanger? Anythoughtson its effectiveness, especially compared to Axent IntruderAlert,CyberCop,or any other products out there? Any information gained from hands-on experience would be welcomed, especially if you are able to compare it to other stuff out there. Thanks. ***The Appleton Group Ltd*** This message, including any attachments, is intended only for theindividualor institution to which it is addressed and may contain information =that isprivileged, confidential or prohibited from disclosure or unauthoriz=ed use.If the recipient of this transmission is not the intended recipient,=you arehereby notified that any use, reproduction dissemination, copying, disclosure, modification, distribution and/or publication of this em=ailmessage or any of its attachments other than by its intended recipie=nt isstrictly prohibited by the sender. If you have received this message=inerror, please notify The Appleton Group Ltd immediately at postmaster () appleton co za and destroy the message and all copies the=reof inyour possession. ****************************___________________________________________________________________ Cisco Systems, Inc. Tim Shea - TME MOBILE: 602-617-0286 | | EFAX: 503-210-9461 :|: :|:= EMAIL: tishea () cisco com :|||: :|||: ________________________________________________________ Ce message a =E9t=E9 analys=E9 par un logiciel contre les virus, le van= dalisme =E9lectronique et les fichiers joints de nature suspecte. Ce message es= t INOFFENSIF. ..:|||||||:....:|||||||:.. c i s c o S y s t e m s ...Empowering the Internet Generation..= . __________________________________________________________________ OFFICE: 2390 E. Camelback Road, Suite 120 Phoenix, AZ 85016 =
________________________________________________________________ Get FREE voicemail, fax and email at http://voicemail.excite.com Talk online at http://voicechat.excite.com
Current thread:
- Re: Cisco NetRanger SGariepy () quebectel-ami com (Oct 05)
- Re: Cisco NetRanger Carric Dooley (Oct 06)
- Re: Cisco NetRanger Greg Shipley (Oct 07)
- <Possible follow-ups>
- Re: Cisco NetRanger Dano (Oct 06)