Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IPS conference call

From: "Flynn, Gary" <flynngn () JMU EDU>
Date: Wed, 26 May 2010 15:45:22 -0400
Randy,

What ipv6 attacks have your IPS units detected? Just curious as we're getting ready to upgrade our IPS for IPv6 
capability and enable native IPv6 across the Internet border. Currently we're blocking IPv6 and allowing 
tunneling/transition protocols. We hope to reverse that.

I saw a white paper from ISS or eEye 5-6 years ago about detected IPv6 attacks and IPv6 enabled malware but haven't 
seen anything recently.

Thanks,
gary


On 5/26/10 3:22 PM, "randy marchany" <marchany () VT EDU> wrote:

One question that needs to be asked in any IPS evaluation is does the device detect IPv6 attacks. I know a the majority 
of nets are not Ipv6 but that's not a reason to not have an IPS device be able to detect IPv6.

-Randy Marchany
VA Tech IT Security Office

On Wed, May 26, 2010 at 2:40 PM, Brian Smith-Sweeney <bsmithsweeney () nyu edu> wrote:
Hello all,

I have seen the "what are your experiences with network intrusion
prevention systems" question come up a few times in the 12-24 months,
and thought I would offer to organize a conference call sometime in the
next week or so to continue those discussions live.  My goal would be to
summarize key points from that conversation and reshare them out to this
list.  This is decidedly non-altruistic - NYU has recently (re)started
an IPS evaluation project and would appreciate having access to such a
summary.

I think it would be particularly useful to discuss IPS evaluation in the
context of the publicly available information from NSSLabs, Gartner, and
ICSA, to see how that data stacks up against your experiences
implementing IPS in a higher-ed environment.

If you're interested in participating please send me a note (offline is
fine), including which vendors you have experience with. In the unlikely
event I get an overwhelming response and have to limit participation I
will make an effort to ensure a range of experiences is represented.

I'm working on some seed questions now which I'm happy to share if
there's interest.

Cheers,
Brian

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Brian Smith-Sweeney                      Project Lead
ITS Technology Security Services, New York University
bsmithsweeney () nyu edu
http://www.nyu.edu/its/security
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Previous By Date Next
Previous By Thread Next

Current thread: