IDS mailing list archives
re: Survey on IDS!
From: andy cuff <lists () securitywizardry com>
Date: Thu, 14 Dec 2006 13:55:42 +0000
Hugo, You've probably opened the door on a pre-Christmas vendor winge fest
1. In your opinion, which is the best IDS ?
1. It depends upon what your requirements are, no IDS can meet everyone's requirements. Off the top of my head, are you looking for: High throughput Full rolling packet capture in addition to event packet capture SSL decryption Management on a separate server Interaction with a SIM, if so via what mechanism Cost of tin and people to manage (there is no free IDS) Are your staff Linux or Windows experienced Are your staff familiar with MS SQL, Oracle, MySQL etc Are your analytical staff able to understand raw output or will they require event descriptions How many IDS are required Would you prefer software or appliances etc etc etc Now we can start to look at how capable the IDS is Scroll back through the archives, this question has been asked approximately every 6 months for the last 6 years Best Regards -- Andy Cuff Computer Network Defence Ltd www.SecurityWizardry.com ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
Current thread:
- re: Survey on IDS! andy cuff (Dec 14)