IDS mailing list archives
RE: ISS RealSecure/SiteProtector or another IDS/firewall client?
From: Mike Lyman <mlyman-security () comcast net>
Date: Wed, 26 Nov 2003 20:56:39 -0600
On Wed, 2003-11-26 at 15:22, Jack Whitsitt (jofny) wrote:
I have to say... Right now Im sitting around an ISS Site Protector console with 2 other analysts and, for the life of us, we cannot get it to give us the information we need - much less quickly or easily. We're all fairly experienced across a number of IDS platforms. Whatever the engine does (or other features), if you can't actually access the information you need in the format you need it...those features are useless. With so many better products available (Intrushield, Dragon, Snort/Sourcefire), I couldn't recommend ISS to anyone.
With ISS RealSecure reporting to SQL Server, you can get the data in just about any format you need it in. I lived in SQL Server rather than rely on the WorkGroup Manager/ICECap interfaces. We didn't migrate to Site Protector before I left the job. Mike Lyman --------------------------------------------------------------------------- ---------------------------------------------------------------------------
Current thread:
- ISS RealSecure/SiteProtector or another IDS/firewall client? Benjamin B. Williams (Nov 25)
- RE: ISS RealSecure/SiteProtector or another IDS/firewall client? Alan Shimel (Nov 26)
- RE: ISS RealSecure/SiteProtector or another IDS/firewall client? Gwendolynn ferch Elydyr (Nov 26)
- RE: ISS RealSecure/SiteProtector or another IDS/firewall client? Jack Whitsitt (jofny) (Nov 26)
- RE: ISS RealSecure/SiteProtector or another IDS/firewall client? Mike Lyman (Nov 27)
- Re: ISS RealSecure/SiteProtector or another IDS/firewall client? Mike Lyman (Nov 26)
- <Possible follow-ups>
- RE: ISS RealSecure/SiteProtector or another IDS/firewall client? Luke Leboeuf (Nov 25)
- RE: ISS RealSecure/SiteProtector or another IDS/firewall client? Sergey V. Gordeychik (Nov 26)
- RE: ISS RealSecure/SiteProtector or another IDS/firewall client? Bohling James CONT JBC (Nov 26)
- Re: ISS RealSecure/SiteProtector or another IDS/firewall client? Martin Roesch (Nov 27)
- RE: ISS RealSecure/SiteProtector or another IDS/firewall client? Teicher, Mark (Mark) (Nov 27)
- RE: ISS RealSecure/SiteProtector or another IDS/firewall client? Teicher, Mark (Mark) (Nov 27)
- RE: ISS RealSecure/SiteProtector or another IDS/firewall client? Chan Kien Eng (Nov 27)
- Re: ISS RealSecure/SiteProtector or another IDS/firewall client? Andrew Plato (Nov 27)
- RE: ISS RealSecure/SiteProtector or another IDS/firewall client? Alan Shimel (Nov 26)