Re: IDS/IPS Management devices

["Andres Riancho" <andresit () fibertel com ar>]

Biswas ,

    It all depends on the money you or your company is willing to spend on
security. The best solution i think of is a double bastion with a Firewall
( pix / checkpoint / iptables if you want a cheap option ) and an IPS. If
you want a cheap solution i would suggest a simple firewall with a really
restricted set of rules to only allow traffic to and from the sensors on the
corresponding ports.

Cheers ,

Andres Riancho

----- Original Message ----- 
From: "Biswas, Proneet" <pbiswas () ipolicynetworks com>
To: <focus-ids () securityfocus com>
Sent: Thursday, March 24, 2005 4:35 PM
Subject: IDS/IPS Management devices


> One of the issues which we have seen with IDS/IPS vendors shipping
> Management stations to manage their devices is that customers start
> questioning how secure the management station is as it is mostly windows
> based platforms and there are no Anti-Virus software etc. running on
> them. So is it safe to suggest that the management station  should be
> sitting behind one of the security devices which is managing it.
> Any thoughts ?
>
>
>
> --------------------------------------------------------------------------
> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it with real-world attacks from
> CORE IMPACT.
> Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
> to learn more.
> --------------------------------------------------------------------------


--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------