Re: IDS - Appliances vs Snort

[GuidoZ <uberguidoz () gmail com>]

This email might be better discussed at another one of SecurityFocus's
lists. Look for "Focus on IDS" here:
http://www.securityfocus.com/archive (you can also view a bunch of
info about it here:
http://www.securityfocus.com/popups/forums/focus-ids/intro.shtml

-- 
Peace. ~G


On Wed, 29 Sep 2004 11:45:06 -0400, ka55ad <ka55ad () gmail com> wrote:
> Hi List,
>
>      I was wondering if I could get some opinions on the matter of
> IDSs. Right now I am looking at deploying one in a small organization.
> They currently have some unmanaged switches. I was wondering what the
> pros and cons would be of getting a security appliance (say something
> like a Syamantec Gateway Security 360) vs getting a managed switch
> with port spanning and building a snort box. I have built a snort box
> before, so I am comfortable with that. Also, my budget is very
> limited. There is already a firewall in place, so getting a new
> hardware firewall might seem pointless to management, but if the IDSs
> is better or if there are more useful features (aside from a firewall
> and vpn server)  then it might be worth it. I also like the idea of
> having a managed switch on the network.
>
> Thanks.