Educause Security Discussion mailing list archives
Re: IPS - Tipping Point vs. ISS?
From: "Consolvo, Corbett" <ConsolvoC () COFC EDU>
Date: Fri, 7 Jul 2006 13:14:08 -0400
Well, I guess this may not help if you've already narrowed it down, but we're also in the process of evaluating IPSs. We're looking at Reflex, Nitro, ISS, and I think one or two others. We're down to Reflex and Nitro. I'd be happy to share any info if you'd like. Also, if anyone else has any input on the other vendors, that'd be great! Thanks, Corbett Consolvo CISO College of Charleston ________________________________ From: Dave Koontz [mailto:dkoontz () MBC EDU] Sent: Friday, July 07, 2006 1:10 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] IPS - Tipping Point vs. ISS? All, after evaluating several IPS products, we have narrowed our selection down to two products, Tipping Point and IIS Proventia along with their Host Agents. I've been searching for product & service comparisons between the companies and technologies, but frankly everything mostly deals with older models and past problems that have long been resolved. Reviews of these products are also mostly identical. Both seem to have solid rulesets with the most vicious exploit rules enabled by default. Seems that the biggest separator is the ISS Proventia Server Agent integration (basically BlackIce) which can do file system baseline / variance reporting, monitor encrypted traffic to the host, and provides basic auditing of things like the event log, and has agents for both windows and *Nix. If anyone has recently done a comparison of these products at both the network edge and in the core, I'd appreciate any feedback and why you choose one product over the other. Thanks in advance! --- Dave Koontz Associate Director CIS Mary Baldwin College Staunton VA 24401
Current thread:
- IPS - Tipping Point vs. ISS? Dave Koontz (Jul 07)
- <Possible follow-ups>
- Re: IPS - Tipping Point vs. ISS? Consolvo, Corbett (Jul 07)