IDS mailing list archives
Re: Network hardware IPS
From: Gary Flynn <flynngn () jmu edu>
Date: Thu, 02 Oct 2003 13:15:52 -0400
Ron Gula wrote:
If you are the type of NIDS fellow who likes to tweak signatures and SSH into your box to check the logs, it's not for you.
I can't imagine installing any type of IDS/IDP device today that wouldn't allow me to examine and tune existing signatures and create new ones. In my environment communication needs vary too much and signature analysis is too inexact to depend upon a vendor's black box. In addition, the ability to instantly react to new threats at the local level in ways that are unique to a particular organization's environment seems, to me, to be invaluable. That has been a strength of both Nessus and Snort. Can you imagine either if all signatures were hidden from us and locked in stone? My $0.02 worth. -- Gary Flynn Security Engineer - Technical Services James Madison University --------------------------------------------------------------------------- Captus Networks IPS 4000Intrusion Prevention and Traffic Shaping Technology to: - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
- Automatically Control P2P, IM and Spam Traffic - Precisely Define and Implement Network Security & Performance PoliciesFREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo http://www.securityfocus.com/sponsor/CaptusNetworks_focus-ids_000101
---------------------------------------------------------------------------
Current thread:
- RE: Network hardware IPS Davis, Scott L (Oct 02)
- Re: Network hardware IPS Stefano Zanero (Oct 06)
- <Possible follow-ups>
- Re: Network hardware IPS Darren Bolding (Oct 02)
- Re: Network hardware IPS Alvin Wong (Oct 02)
- Re: Network hardware IPS Ravi Kumar (Oct 02)
- Re: Network hardware IPS Alvin Wong (Oct 02)
- Re: Network hardware IPS Ravi Kumar (Oct 06)
- RE: Network hardware IPS Ron Gula (Oct 02)
- Re: Network hardware IPS Gary Flynn (Oct 06)
- Re: Network hardware IPS david maynor (Oct 07)
- Re: Network hardware IPS Gary Flynn (Oct 08)
- Re: Network hardware IPS Gary Flynn (Oct 06)
- RE: Network hardware IPS Dave Killion (Oct 07)
- Re: Network hardware IPS Stefano Zanero (Oct 07)
- RE: Network hardware IPS david maynor (Oct 08)
- RE: Network hardware IPS Dave Killion (Oct 07)
- Re: Network hardware IPS Stefano Zanero (Oct 07)
- Re: Network hardware IPS George W. Capehart (Oct 08)
- RE: Network hardware IPS Dave Killion (Oct 08)
- RE: Network hardware IPS Frank Knobbe (Oct 09)