Intrusion Detection Systems mailing list archives

Re: Info needed to compare Axent ITA and ISS RealSecure


From: inno () patriot net (Inno Eroraha)
Date: Mon, 3 Jul 2000 14:10:09 -0400 (EDT)


Mouritz, 

It's hard to really answer this question without getting into a religious
war. Making a comparison without understanding what your requirement is
is like asking someone "is a BMW Z3 or a Mercedes CLK better?"
Functionally, they both provide "open air driving" and other goodies, etc.
Therefore, it would be hard for any non-sales person to answer the question
without being biased.

Here is what I would SERIOUSLY recommend:
* On a plain sheet of paper, on the first column, list the things you
would look for in an IDS (if you don't know what to look for, then read
through different vendors' IDS product whitepapers and see feature
offerings) that will meet your environment/requirement. On the second
column, place a checkmark if ISS supports it. Finally, on the third
column, place a checkmark if Axent supports it.
* Do this until all your requirements are met.
* Now think about other features that "would be nice to have" and see how
ISS and Axent compare.

I can assure you that this simple technique will work for anything (cars
or IDS).

When I once researched IDS, I came up with something similar to this:

FEATURE             ISS RealSecure      IDSVendor1
Host-based          yes                 no
network-based       yes                 yes
central console     yes                 no
email alert         yes                 yes
SNMP alert          yes                 no
Firewall blocking   yes                 no
CustomRules         no                  yes
...

I used this to come up with a decision. I think a simple matrix will
assist you in determining which IDS is most ideal for you. Also, if your
boss asks you why you chose ISS and not Axent, NFR, or Cybercop, you can
tell her why and not because someone "experienced" told you.

Good luck!

-0-
inno

On Mon, 3 Jul 2000, Mouritz Snyder wrote:

Hi 
 
I'm new to this list as I've just been tasked the great job of looking into
IDS systems for our company.
I'm looking for info on both Axent and ISS products for IDS, can anyone
help me please. As these are the two products that I need to evaluate, I don't
want to start a mail war with this question please, I just need some info as
to which of these two are going to work best.
We're looking at both network and host based IDS, and we are operating in a
switched environment.
 
Rgds
Mouritz


