Security Basics mailing list archives
Re: distributed IDS/sensor network
From: Ganbold <ganbold () micom mng net>
Date: Thu, 12 Mar 2009 12:02:06 +0800
Ihor Kravchuk wrote:
Hi! Take a look of IBM ISS Site Protector + IBM ISS IDS Network Sensors (up to 1Gb speed) . This solution includes event monitoring console, visualization, ticketing system and all staff that usually included in enterprise level solutions. The second one is Juniper IDP devices + management server. The third one - Cisco IDSM The forth one Lancope sure thing it is not a complete list.
Do you know estimated or average cost of such solution (for small and medium enterprise)
with 20 nodes for example? thanks, Ganbold
Ihor Kravchuk 2009/3/11 Ganbold <ganbold () micom mng net>:Hi, My friend is doing small research on the design and implementation of the distributed IDS/sensor network and security operation center. The requirements include but not limited to: *Distributed IDS sensor network (maybe with 20 IDS, honeynet/honeypot) *Real-time monitoring of threats, incidents and attacks (large LCD displays etc) *Watch and warning system (hardware and software) *Security alerting system (hardware and software) *Incident report and response system (web etc) In my opinion some existing open source software solutions like snort might work for IDS for the first time. Or it could be either commercial systems. So here I have a few questions: 1. Can somebody give me some pointers to existing well known distributed IDS/sensor networks and technologies (software/hardware names) that they use? 2. Are there any known real-time monitoring systems around? 3. Are there any well known projects which implements distributed IDS/sensor networks, and real-time monitoring systems? If somebody can give me some names I can further search and find what they are and what technologies they use. I appreciate if somebody can give me some pointers in this regard. thanks in advance, Ganbold -- A Smith & Wesson beats four aces.
-- try again
Current thread:
- distributed IDS/sensor network Ganbold (Mar 11)
- Message not available
- Re: distributed IDS/sensor network Ganbold (Mar 13)
- RE: distributed IDS/sensor network Javier Becerra (Mar 16)
- Re: distributed IDS/sensor network Ganbold (Mar 13)
- Message not available
- Re: distributed IDS/sensor network Daniel Hood (Mar 16)