IDS mailing list archives

RE: Fortinet IDS

From: "Tom Neclerio" <Tneclerio () guardednetworks com>
Date: Mon, 18 Oct 2004 12:22:42 -0400

Yes it is transparent I work with Fortinet a lot. It can also handle
authenticated SMTP, where ISS can not.

-----Original Message-----
From: Ian Gallagher [mailto:cdine.org () gmail com] 
Sent: Sunday, October 17, 2004 5:13 AM
To: Don Draper
Cc: focus-ids () securityfocus com
Subject: Re: Fortinet IDS

I'm almost certain that their products scan transparently.

On 14 Oct 2004 13:30:38 -0000, Don Draper <don () draperconsulting com>
wrote:

In-Reply-To: <200407270109.i6R19ZZr041277 () mx-out daemonmail net>

Does anyone know if Fortinet on-board virus scanning uses an SMTP 
proxy server? Or is it able to accomplish this transparently by simply

inspecting the packets as most the IDS/IPS do.

We just purchased a new Proventia M10 from ISS and have discovered 
that we cannot use it for Anti-Virus (email) or Anti-Spam due the 
ffact that it uses an on-board SMTP proxy server that does not support

SMTP authentication among other issues. The IPS module does not need 
the proxy and works fine.  Having on-board virus scanning at the 
network edge would be very helpful and Fortinet docs would make you 
think it is ALL done with packet inspection and without any nasty 
proxies in the middle. Does anyone know how this works?

TIA,

Don

----------------------------------------------------------------------
----
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from

CORE IMPACT. Go to 
http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to

learn more.

------------------------------------------------------------------------
--



-- 
Ian Gallagher
http://cdine.org

------------------------------------------------------------------------
--
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT. Go to
http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to
learn more.
------------------------------------------------------------------------
--

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
--------------------------------------------------------------------------

Current thread:

Re: Fortinet IDS Don Draper (Oct 15)
- Re: Fortinet IDS Mark Teicher (Oct 18)
- Re: Fortinet IDS Ian Gallagher (Oct 18)
  - Re: Fortinet IDS Jason (Oct 19)
    - Re: Fortinet IDS Ryan Whalen (Oct 21)
    - Re: Fortinet IDS Ron Gula (Oct 21)
  - Message not available
    - Re: Fortinet IDS Ian Gallagher (Oct 21)
- <Possible follow-ups>
- RE: Fortinet IDS Tom Neclerio (Oct 19)
- RE: Fortinet IDS David Puckett (Oct 21)
  - snort-inline capabilities ( WAS: Re: Fortinet IDS ) Jason (Oct 21)
- RE: Fortinet IDS Michael Allgeier (Oct 21)