IDS mailing list archives
RE: Network hardware IPS
From: "Alan Shimel" <alan () latis com>
Date: Mon, 29 Sep 2003 08:27:42 -0600
Alvin I think our Border Guard product can do what you seem to be looking for. One note of caution on TCP Reset is not a preferred method of blocking attacks according to some security experts. Border Guard actually uses both traditional firewall-like blocking as well as a proprietary method that we call pre-emptive blocking that will stop even fragments of packets before they do harm. I would be happy to talk to you more about other features off-line if you like. You can find out more at http://www.stillsecure.com Thanks alan Alan Shimel VP of Sales & Business Development Latis Networks, Inc. 303-381-3815 Direct 303-381-3881 Fax 516-857-7409 Mobile www.stillsecure.com Reducing your risk has never been this easy. . . . The information transmitted is intended only for the person to which it is addressed and may contain confidential material. Review or other use of this information by persons other than the intended recipient is prohibited. If you've received this in error, please contact the sender and delete from any computer. -----Original Message----- From: Alvin Wong [mailto:alvin.wong () b2b com my] Sent: Monday, September 29, 2003 2:31 AM To: focus-ids () securityfocus com Subject: Network hardware IPS Hi, I'm interested to find out if anyone can share their experiences or recommend a network hardware IPS that is deployed in front of the gateway which is able to detect attack signatures and at the same time, actively blocking out these attacks, alerting me in the process. This would be different from a passive IDS which depends on correlating the logs every time an alert pops up. An ideal solution would be to be able to detect the patterns and prevent them automatically, can a network IPS do this? I understand that it is possible in some IDS to do a TCP reset after one had confirmed that the connection is not acceptable, can anyone explain whether an IDS that can do this be actually "active" as opposed to passive? It would also be interesting if there could be some amount of trend analysis built in which can review the destination/source ip traffic over time, which can be used to identify particular boxes which are easily targeted, which would mean that more work needs to be done for that box. Regards, Alvin ------------------------------------------------------------------------ --- Captus Networks IPS 4000 Intrusion Prevention and Traffic Shaping Technology to: - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Automatically Control P2P, IM and Spam Traffic - Precisely Define and Implement Network Security & Performance Policies FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo http://www.securityfocus.com/sponsor/CaptusNetworks_focus-ids_000101 ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- Captus Networks IPS 4000 Intrusion Prevention and Traffic Shaping Technology to: - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Automatically Control P2P, IM and Spam Traffic - Precisely Define and Implement Network Security & Performance Policies FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo http://www.securityfocus.com/sponsor/CaptusNetworks_focus-ids_000101 ---------------------------------------------------------------------------
Current thread:
- Network hardware IPS Alvin Wong (Sep 29)
- RE: Network hardware IPS Alan Shimel (Sep 29)
- Re: Network hardware IPS Andy Cuff [Talisker] (Sep 29)
- Re: Network hardware IPS nick black (Sep 30)
- Re: Network hardware IPS Ravi Kumar (Sep 30)
- <Possible follow-ups>
- RE: Network hardware IPS JAVIER OTERO (Sep 29)
- Message not available
- Network hardware IPS Alvin Wong (Sep 30)
- Re: Network hardware IPS Cory Stoker (Sep 30)
- Message not available
- RE: Network hardware IPS JAVIER OTERO (Sep 30)
- RE: Network hardware IPS travis . alexander (Sep 30)
- RE: Network hardware IPS JAVIER OTERO (Sep 30)
- RE: Network hardware IPS Nimesh Vakharia (Sep 30)