Intrusion Detection Systems mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IDS Comparison

From: Paul_J_Bielefeldt () notes tcs treas gov (Paul_J_Bielefeldt () notes tcs treas gov)
Date: Thu, 2 Mar 2000 15:18:40 -0500


Of those two products, Real Secure is the better (and cheaper).  NetRanger
detects only 111 signatures, which is way below the average (200-300) of most
IDS.  Real Secure is one of the leaders in this area with over 400 signatures.
NetRanger leaves sessions in cleartext between its network sensors and
management consoles; whereas, Real Secure doesn't.

Niether product, however, performs packet fragment reassembly, which will allow
a slightly more sophistictated hacker to bypass them.  Also, neither product
allows you to create your own signature (though both vendors will claim
differently).  For that reason, I would recommend other products such as Network
Flight Recorder or Dragon that has these added features.  They both have over
400 signatures as well.  They might be a little more difficult to use; however,
than Real Secure.

-Paul-

Hi,

Our company would like to purchase an intrusion detection system.
We don't know which one to choose Netranger or ISS Real Secure.
Can somebody help us to make a comparison between these two products ?

Thanks.
Sirine Tlili
Previous By Date Next
Previous By Thread Next

Current thread: