IDS mailing list archives
RE: Symantec Manhunt
From: "Hernansanz, Daniel" <dhernansanz () alava net>
Date: Thu, 4 Dec 2003 10:50:47 +0100
The company I work for is looking into Symantec Manhunt IDS. As part
of my
research I was hoping anyone in this list familiar with this product
could
give me some of the positive and negatives of this IDS.
IMHO... Man Hunt positives ================== - Hibryd detection: signature analysis + anomaly analysis - Centralized admin, with *correlation* capabilities - Third party event analysis and correlation (Checkpoint, Snort, ISS, Tripwire...) - ManHunt: SW-NIDS (unix platform) and HW-NIDS (iForce appliance) - High availibility (HA) support - Reporting capabilities Man Hunt negatives ================== - Licen$e (ok, cheaper than ISS and Enterasys, but...) - Symantec's portfolio is a mess, illogical: * 2x N-IDS: ManHunt, Decoy Server * 2x H-IDS: Intruder Alert, HostIDS * 2x VA: NetRecon, Vulnerability Assessment * Old stuff: NetProwler, ManTrap How will it be reorganized? Will Symantec continue with ManHunt? I hope this helps. --------------------------------------------------------------------------- ---------------------------------------------------------------------------
Current thread:
- RE: Symantec Manhunt Fergus Brooks (Dec 01)
- <Possible follow-ups>
- RE: Symantec Manhunt Mariusz Burdach (Dec 02)
- RE: Symantec Manhunt Hernansanz, Daniel (Dec 04)
- RE: Symantec Manhunt edward gonzales (Dec 04)
- RE: Symantec Manhunt Fergus Brooks (Dec 05)
- RE: Symantec Manhunt Johann van Duyn (Dec 05)
- RE: Symantec Manhunt simonis (Dec 05)
- RE: Symantec Manhunt Troy Pressley (Dec 05)