Educause Security Discussion mailing list archives
Re: Intrusion Detection Recommendations
From: wcon <wcon () CONNCOLL EDU>
Date: Tue, 9 Aug 2005 09:34:17 -0400
We¹re using Netscreen¹s IDS/IDP solution, it¹s great for IDP/IDS but does not do flow analysis . IDP function(which is how we our using it) requires it to be inline, so that could get expensive, IDS can be out-of-band. One of the main reasons for going with them was the ease of custom definitions and definitions update. Cisco also has IDS blades in case you¹re a Cisco shop that you might want to look. On 8/9/05 9:32 AM, "Cebulski, John" <jcebulski () RKON COM> wrote:
I would also suggest that you look at the Intrushield solution by McAfee. From: Gibbs, Aaron M. [mailto:AMGibbs () ST-AUG EDU] Sent: Tuesday, August 09, 2005 8:18 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Intrusion Detection Recommendations We've been looking at Top Layer as and IPS and will be looking at Securiant.-----Original Message----- From: Mike Radomski [mailto:Mike.Radomski () ITEC SUNY EDU] Sent: Tuesday, August 09, 2005 9:10 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Intrusion Detection Recommendations Hello, We are currently looking at different alternatives to our Snort implementation for and IDS. We currently run Snort+ACID on a SPAN port. It works well, but would like a more robust system that is capable of anomaly detection, flow analysis, etc. I am wondering what everyone uses for IDS/IPS? Do you use a combination of open source tools, a commercial software solution, or a commercial hardware solution? What are the advantages of your implementation? Disadvantages? Thanks!
Current thread:
- Intrusion Detection Recommendations Mike Radomski (Aug 09)
- <Possible follow-ups>
- Re: Intrusion Detection Recommendations Gibbs, Aaron M. (Aug 09)
- Re: Intrusion Detection Recommendations Gary Dobbins (Aug 09)
- Re: Intrusion Detection Recommendations Cebulski, John (Aug 09)
- Re: Intrusion Detection Recommendations wcon (Aug 09)
- Re: Intrusion Detection Recommendations Dean De Beer (Aug 09)
- Re: Intrusion Detection Recommendations Graham Toal (Aug 09)
- Re: Intrusion Detection Recommendations Jason Richardson (Aug 09)
- Re: Intrusion Detection Recommendations Wes Simons (Aug 09)
- Re: Intrusion Detection Recommendations John Kemp (Aug 09)
- Re: Intrusion Detection Recommendations Scott Genung (Aug 09)
- Re: Intrusion Detection Recommendations James Riden (Aug 09)
- Re: Intrusion Detection Recommendations Gary Flynn (Aug 12)