IDS mailing list archives

Previous By Date Next
Previous By Thread Next

RE: ISS RealSecure/SiteProtector or another IDS/firewall client?

From: Mike Lyman <mlyman-security () comcast net>
Date: Wed, 26 Nov 2003 20:56:39 -0600
On Wed, 2003-11-26 at 15:22, Jack Whitsitt (jofny) wrote:

I have to say...

Right now Im sitting around an ISS Site Protector console with 2 other analysts and, for the
life of us, we cannot get it to give us the information we need - much less quickly or easily.
We're all fairly experienced across a number of IDS platforms.  Whatever the engine does (or
other features), if you can't actually access the information you need in the format you need
it...those features are useless. With so many better products available (Intrushield, Dragon,
Snort/Sourcefire), I couldn't recommend ISS to anyone.


With ISS RealSecure reporting to SQL Server, you can get the data in
just about any format you need it in. I lived in SQL Server rather than
rely on the WorkGroup Manager/ICECap interfaces. We didn't migrate to
Site Protector before I left the job.

Mike Lyman


---------------------------------------------------------------------------
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: