IDS mailing list archives
Re: IDS Opinions
From: gcb33 () dial pipex com
Date: Mon, 7 Jun 2004 17:05:54 +0100
OK Symantec was the old cisco entercept think (Bad HIDS) real pain to setup and limited in scope had problems with Service packs on Microsoft boxes it was a logging and configuration was a pain to the point of sitting down and creating exceptions it was signature based The Cisco Security Agent or (okean stormwatch ) is role based not signature based allows for large role out deployment creating profiles for antivirus as an application class has no issues with Service packs, allows you to create very good profiles of Web services, I have configured to work on .NET framework , Oracle Apps servers, Websphere Apps servers no problems,all on W2000 Adv server, with also some success with W2003 even though it is not supported but soon to be released have tested it against unpatched machines with worm exploits and it does stop them including the SSL vuln on webservers it does not cause the IIS to be exploited but may freeze IIS over a prolong time, but it does trap and stop and not be exploited played on ISS as well , but cisco had better support and scale ability from my perspective, can be placed with the NIDS as well and FW for a easy managed solution with automatic shunning of pesky people or systems. my few ...... cents worth james Quoting Nik Schild <nikschild () gmx net>:
Hello why is nobody talking about prelude (http://www.prelude-ids.org)? It's supposed to perform much better than snort and fits better into large environments, it's much more felxible becasue prelude is more a framework than just a single IDS. Till now I did not have the chance to have a closer look to prelude, but I would really be interested in experiences made by some others. thanks nik crayola () optonline net wrote:Folks, I am currently in the middle of an RFP process to buy a new Network ids system for my company. I have narrowed it down to Sourcefire's, Dragon (Enterasys), and Symantec's manhunt. I would love to hear your opinions about these products if you use or have used them. Anything you can share would be great. I am really lookingfor some nonsales type opinions about how they work in the real world. Thanks, Mike--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- ---------------------------------------------------------------------------
-- --------------------------------------------------------------------------- ---------------------------------------------------------------------------
Current thread:
- RE: IDS Opinions, (continued)
- RE: IDS Opinions Danislav Kostov (Jun 01)
- RE: IDS Opinions Martin (Jun 02)
- Re: IDS Opinions manish (Jun 02)
- Re: IDS Opinions Devdas Bhagat (Jun 14)
- RE: IDS Opinions Steve Massa (Jun 02)
- RE: IDS Opinions NTL World - Chris Standard (Jun 18)
- RE: IDS Opinions fr0ck9 (Jun 02)
- Re: IDS Opinions mills (Jun 02)
- Re: IDS Opinions Nik Schild (Jun 07)
- Re: IDS Opinions Brian (Jun 07)
- Re: IDS Opinions gcb33 (Jun 07)
- Re: IDS Opinions Greg Martin (Jun 09)
- FW: IDS Opinions Madalin Bratu (Jun 21)
- RE: IDS Opinions Danislav Kostov (Jun 01)