IDS mailing list archives
Re: NetFlow for IDS
From: "Jonathan Glass (GMail)" <jonathan.glass () gmail com>
Date: Wed, 20 Jul 2005 19:42:28 -0400
Lancope sells a Stealthwatch XE appliance for anomaly-based IDS using Netflow analysis.
Jonathan Glass Gary Halleen (ghalleen) wrote:
That list is handy, but incomplete.Cisco MARS should be added. MARS is a SIM product that receives log information from various sources (firewalls, routers, switches, IDS/IPS, host logs, antivirus, and more). It also receives netflow, and can provide very useful security-related information based on it. Gary
------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly?Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
------------------------------------------------------------------------
Current thread:
- NetFlow for IDS Andy Cuff (Jul 15)
- Re: NetFlow for IDS Adam Powers (Jul 17)
- Re: NetFlow for IDS Gianpiero Porchia (Jul 21)
- <Possible follow-ups>
- RE: NetFlow for IDS Gary Halleen (ghalleen) (Jul 20)
- Message not available
- RE: NetFlow for IDS Ron Gula (Jul 21)
- RE: NetFlow for IDS Mark Teicher (Jul 22)
- Re: NetFlow for IDS Richard Bejtlich (Jul 22)
- Re: NetFlow for IDS Adam Powers (Jul 25)
- Re: NetFlow for IDS Fergus Brooks (Jul 27)
- Message not available
- Re: NetFlow for IDS Jonathan Glass (GMail) (Jul 21)
- Re: NetFlow for IDS Fergus Brooks (Jul 22)
- Re: NetFlow for IDS Roland Dobbins (Jul 25)