IDS mailing list archives
Re: Host-Based Intrusion Detection/Prevention. Which will you select? (Requirements within)
From: Mark Teicher <mht3 () earthlink net>
Date: Sun, 17 Jul 2005 12:14:13 -0400
Depends on how much one is invested in research and evaluating the various product that will suit the requirements.
At 04:20 AM 7/15/2005, mark12_30 () hotmail com wrote:
Hello,I'm interested in the general feel from people about what should be used in the following scenario:- Large corporation (4000+ servers) - Looking for Host-Based IDS/IPS for key servers - Established 24x7 monitoring team - Solution has to pick up common exploits (Buffer Overruns & API calls etc) - Has large, established network IDS - Only deploying on windows win2k & 2003 servers (web, email, app, db etc) - Conservative windows server management group - Implementing point solution SIEM (eg arcsight etc)Given the above situation, what would you recomment? I understand from a lot of research that HIPS is gathering momentum. Any thoughts would be great, esp suggestions on productsThank you -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly?Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
------------------------------------------------------------------------
Current thread:
- Host-Based Intrusion Detection/Prevention. Which will you select? (Requirements within) mark12_30 (Jul 15)
- Re: Host-Based Intrusion Detection/Prevention. Which will you select? (Requirements within) Mark Teicher (Jul 18)
- <Possible follow-ups>
- RE: Host-Based Intrusion Detection/Prevention. Which will you select? (Requirements within) Brunner, Mark (Jul 17)
- RE: Host-Based Intrusion Detection/Prevention. Which will you select? (Requirements within) Andrew Plato (Jul 17)
- Message not available