Intrusion Detection Systems mailing list archives

Re: Counterpane Managed Security Monitoring


From: mht () clark net (mht () clark net)
Date: Tue, 18 Jul 2000 10:54:45 -0700


Archive: http://msgs.securepoint.com/ids
FAQ: http://www.ticm.com/kb/faq/idsfaq.html
IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
UNSUBSCRIBE: email "unsubscribe ids" to majordomo () uow edu au
I worked with BBNPlanet a while back (96-97 timeframe) and basically 
offered the same service.  Bruce just managed to bundle a few more tricks 
into his offering but otherwise, it is not any different in my mind.  You 
still have the smoke and mirrors and what is behind the curtain.  I don't 
know many experienced security folk who are willing to be a security NOC 
monkey for too long.

Refer to the Data Communications article, March 1999, Firewalls: Bark Worse than 
their Bite (or something like that).

The real crux of the solution is to create an AI language to coalesce a lot 
of the alerts into something a person can actually react to.

As we monitored Site Patrol customers, system log flooding was a major 
issue and losing alerts was another. One quick blink or a quick run to the 
restroom and one could miss a lot of events.

/m

At 12:26 PM 7/18/00 -0400, b.g.miller wrote:
Has anyone on the list had experience with the new offering from 
Counterpane - Counterpane Managed Security Monitoring?  Seems to be
a meta-IDS bundled with a 24/7 staff.

http://www.counterpane.com/whitepaper.html

