IDS mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Affordable Network Behavior Analysis alternatives

From: Steven Rakick <stevenrakick () yahoo com>
Date: Mon, 26 Jul 2004 13:59:33 -0700 (PDT)
Hi Heather,

I wouldn't worry about it. Our account rep told me
that Intrusense should be releasing nSight 1.2 this
week anyways. I'm sure there will be an evaluation
version available. 

Steve


--- "Heather M. Guse Bryan" <hbryan () dpntech com>
wrote:

Unfortunately they closed the beta program.

Too bad, I was interested in it.

-----Original Message-----
From: Steven Rakick [mailto:stevenrakick () yahoo com]
Sent: Thursday, July 22, 2004 12:48 PM
To: full-disclosure () lists netsys com
Cc: jeff.gillian () gmail com
Subject: Re: [Full-Disclosure] Affordable Network
Behavior Analysis
alternatives


Jeff,

You may want to take a look at the nSight behavior
analysis product from Intrusense
(http://www.intrusense.com). 

We were actually in a similar bind a while back and
came across their beta program. We've been using it
ever since and will be buying it as soon as their
release version comes out. 

It has both standalone and distributed installation
types and dead simple to install and configure.
Overall it has less functionality than QRadar but it
made up for that in cost. While we haven't
*officially* purchased it yet, we were quoted under
$10,000 for the distributed version with support for
3
collector agents.

Still too much? You may also want to take a look at
Snort and Ntop then.

Feel free to email me if you want more details.


Steve


-------------------------------------------
Thu, 22 Jul 2004 13:33:15 -0400
Jeff Gillian  jeff.gillian () gmail com wrote:

Hi list,

Since it appears the SecurityFocus Sectools and IDS
lists are dead, I
thought I'd repost this here.

I recently saw a posting on FocusIDS regarding the
high cost of the
most commercial solutions. The one mentioned was the
QRadar product
from Q1Labs. Don't get me wrong, we have a budget,
we
just don't have
a Fortune 500 budget. :)

My question is simple, are there any other
commercial
out-of-the-box
alternatives to QRadar? Something that isn't going
to
cost me >$40,000
to deploy?

Any input would be appreciated.

Regards,

Jeff G.





              
__________________________________
Do you Yahoo!?
Yahoo! Mail - 50x more storage than other providers!
http://promotions.yahoo.com/new_mail

_______________________________________________
Full-Disclosure - We believe in it.
Charter:
http://lists.netsys.com/full-disclosure-charter.html





        
                
__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - 100MB free storage!
http://promotions.yahoo.com/new_mail 

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE
IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
--------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: