IDS mailing list archives

RE: How to choose an IDS/FW MSS provider

From: Melih Kırkgöz (Koç.net) <melihk () koc net>
Date: Fri, 11 Mar 2005 10:59:48 +0200

Hi There,

We are not using MSS service from ISS,what i meant with  "good support" was;
Response time,care and keen interest on customer problems,and most importantly perfect technical knowledge(X-Force)
For my opinion,security is not networking.It's not about speed,throughput,etc..
İt's a matter of trust,technical knowhow and vision.
That's why i trust checkpoint as a fw,(no matter on what platform it runs) or ISS as Intrusion Detection/Prevention

Kind regards,
Melih

-----Original Message-----
From: Stephane [mailto:stephane.d () ecologie net] 
Sent: Thursday, March 10, 2005 10:38 AM
To: Brady, Rick
Cc: Melih Kırkgöz (Koç.net); focus-ids () securityfocus com
Subject: Re: How to choose an IDS/FW MSS provider

Brady, Rick wrote:

Melih,
I guess you must be special to ISS, from my experience the support has been sub-par. Also do you like the idea that 
ISS IDS signatures are not known to the customer and only ISS ? 

Rick Brady
Liberty Mutual Group
I/S TSSS Engineering Network Access Control 
mailto:rick.brady () libertymutual com
(603) 245-4214   8-435-4214sdn

Hi there,

What are you talking about? The support? do you mean people behind support () iss net or mss.support () iss net ?

What looks good with ISS, MSS Dept is that you have somehow the X-Force support http://xfoce.iss.net ; as far as I know
and tell me if I am wrong, ISS is the only security provider having an R&D dept which is the X-Force team. My
impression about Cisco IDS for example is that they just do follow the CERT to react (to react, this word is important,
not to prevent). ISS supported by X-Force provides signatures sometimes a long time before the thread is even known. Do
you want those guys to post those signatures to the mass in order to have Symatntec, Cisco or other Netscreen getting
R&D free profits out of it? Not sure you'd do so.

Also, my question was about how to choose an IDS *AND* FW firewall. I know I am a bit out of the topic of this
mailing-list but you can be good at IDS and maybe bad at firewalls which are much more complex through.

PS: and once again, ISS is in the gane for 10 long years. What about the competitors?

Thanks,

Stephane

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------
_____________________________________________________________________________________________________________________________________________

Bu e-posta mesaji kisiye ozel olup, gizli bilgiler iceriyor olabilir. Eger bu e-posta mesaji size yanlislikla
ulasmissa, icerigini hic bir sekilde kullanmayiniz ve ekli dosyalari acmayiniz. Bu durumda lutfen e-posta mesajini
kullaniciya hemen geri gonderiniz ve tum kopyalarini mesaj kutunuzdan siliniz. Bu e-posta mesaji, hic bir sekilde,
herhangi bir amac icin cogaltilamaz, yayinlanamaz ve para karsiligi satilamaz. Bu e-posta mesaji viruslere karsi
anti-virus sistemleri tarafindan taranmistir. Ancak yollayici, bu e-posta mesajinin - virus koruma sistemleri ile
kontrol ediliyor olsa bile - virus icermedigini garanti etmez ve meydana gelebilecek zararlardan dogacak hicbir
sorumlulugu kabul etmez.
This message is intended solely for the use of the individual or entity to whom it is addressed , and may contain
confidential information. If you are not the intended recipient of this message or you receive this mail in error, you
should refrain from making any use of the contents and from opening any attachment. In that case, please notify the
sender immediately and return the message to the sender, then, delete and destroy all copies. This e-mail message, can
not be copied, published or sold for any reason. This e-mail message has been swept by anti-virus systems for the
presence of computer viruses. In doing so, however, sender cannot warrant that virus or other forms of data
corruption may not be present and do not take any responsibility in any occurrence.
_____________________________________________________________________________________________________________________________________________

--------------------------------------------------------------------------
Test Your IDS

Current thread:

RE: How to choose an IDS/FW MSS provider, (continued)
- - RE: How to choose an IDS/FW MSS provider Jeff Boggie (Mar 11)
    - Re: How to choose an IDS/FW MSS provider David W. Goodrum (Mar 14)
    - Re: How to choose an IDS/FW MSS provider Martin Roesch (Mar 16)
    - Re: How to choose an IDS/FW MSS provider David W. Goodrum (Mar 19)
    - Re: How to choose an IDS/FW MSS provider Martin Roesch (Mar 19)
    - Re: How to choose an IDS/FW MSS provider Thomas H . Ptacek (Mar 23)
    - Re: How to choose an IDS/FW MSS provider David W. Goodrum (Mar 23)
    - Re: How to choose an IDS/FW MSS provider Dave Aitel (Mar 19)
- RE: How to choose an IDS/FW MSS provider Palmer, Paul (ISSAtlanta) (Mar 10)
  - RE: How to choose an IDS/FW MSS provider Randy Golly (Mar 10)
- RE: How to choose an IDS/FW MSS provider Koç.net (Mar 11)
- Re: How to choose an IDS/FW MSS provider Mark Teicher (Mar 11)
- RE: How to choose an IDS/FW MSS provider Andrew Plato (Mar 14)
- Re: How to choose an IDS/FW MSS provider fuijdancer (Mar 14)
  - Re: How to choose an IDS/FW MSS provider Stephane (Mar 16)
- Re: How to choose an IDS/FW MSS provider Peter Schawacker (Mar 14)
  - Re: How to choose an IDS/FW MSS provider Kevin (Mar 14)
  - Re: How to choose an IDS/FW MSS provider Will Metcalf (Mar 16)
- RE: How to choose an IDS/FW MSS provider Dahl-Hansen, Kjetil (Mar 16)
- RE: How to choose an IDS/FW MSS provider Joshua Berry (Mar 16)
- Re: How to choose an IDS/FW MSS provider Peter Schawacker (Mar 16)

(Thread continues...)