Security Basics mailing list archives

IDS - Appliances vs Snort


From: ka55ad <ka55ad () gmail com>
Date: Wed, 29 Sep 2004 11:45:06 -0400

Hi List,

     I was wondering if I could get some opinions on the matter of
IDSs. Right now I am looking at deploying one in a small organization.
They currently have some unmanaged switches. I was wondering what the
pros and cons would be of getting a security appliance (say something
like a Syamantec Gateway Security 360) vs getting a managed switch
with port spanning and building a snort box. I have built a snort box
before, so I am comfortable with that. Also, my budget is very
limited. There is already a firewall in place, so getting a new
hardware firewall might seem pointless to management, but if the IDSs
is better or if there are more useful features (aside from a firewall
and vpn server)  then it might be worth it. I also like the idea of
having a managed switch on the network.

Thanks.


Current thread: