Firewall Wizards mailing list archives

Re: HIPS experience

From: "Kristian Hermansen" <kristian.hermansen () gmail com>
Date: Tue, 15 May 2007 22:05:00 -0400

On 5/15/07, "Mike LeBlanc" <mlinfosec () comcast net> wrote:

Would love to hear nay feedback form the list on these or other products.


Have you considered Cisco Security Agent?  This is the de facto
standard amongst corporations/governments with highly valuable assets.
 Although, the costs are also quite reasonable for both Desktop and
Server licensing.  CSA protects against Zero Day attacks, which is
something many products claim, but few actually do.

http://www.cisco.com/en/US/products/sw/secursw/ps5057/index.html

List of attacks stopped on Day Zero, in default CSA policy
configuration, and requiring no user interaction after installation
(takes 30-60 minutes to install):

Bagle
SQL Snake
Blaster
JPEG/GDI+
Bugbear
MyDoom
Code Red
Nimda
Debploit
Pentagone/Gonner
Fizzer
Sasser
Gator/Gain
Sircam
Hotbar
Sobig
SQL Slammer
Zotob

Here's a company write-up on how they benefited from CSA deployment:
http://www.cisco.com/en/US/products/sw/secursw/ps5057/products_case_study0900aecd8033ab2f.shtml
-- 
Kristian Hermansen
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

HIPS experience Mike LeBlanc (May 14)
- Re: HIPS experience roberto mizuuti (May 15)
- Re: HIPS experience Paul Melson (May 17)
- <Possible follow-ups>
- Re: HIPS experience Kristian Hermansen (May 17)
  - Re: HIPS experience stursa (May 18)
    - Re: HIPS experience Victor Williams (May 20)
    - Re: HIPS experience Paul Melson (May 23)
    - Re: HIPS experience stursa (May 23)
    - Re: HIPS experience Paul Melson (May 25)
  - Re: HIPS experience Paul Melson (May 20)
    - Re: HIPS experience Kristian Hermansen (May 18)
- Re: HIPS experience Kristian Hermansen (May 20)