IDS mailing list archives
RE: IPS Reliability/Availability
From: "Andrew Plato" <andrew.plato () anitian com>
Date: Mon, 6 Feb 2006 08:04:30 -0800
Most of these devices are pretty good for reliability. The only exception I would make is SourceFire, which back when we sold it had abysmal reliability (3 out of 4 boxes we sold to a customer show up dead or died soon after installation). TippingPoint sells a zero-power bypass add-on for their IPS. If the IPS fails in anyway, traffic is passed through the zero-power device. Its very easy to add. Juniper does something similar. ----------------------------------------------- Andrew Plato, CISSP, CISM President/Principal Consultant Anitian Enterprise Security ----------------------------------------------- -----Original Message----- From: geek_brigades () yahoo com [mailto:geek_brigades () yahoo com] Sent: Thursday, February 02, 2006 8:27 AM To: focus-ids () securityfocus com Subject: IPS Reliability/Availability I am working on a big IPS project and I am very concerned about installing an inline device in a core enterprise network, where these devices have the potential to create big time network outages. Can you, please, share your possible bad experiences about the reliability of the following inline IPS products: ISS TippingPoint Juniper IPS Sourcefire McAfee IntruShield Have you had any issues with the availability of these devices, such as fail close crashes or do you have any experience with bypass switches that would mitigate the availability issue? Thanks, Mike ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------ _________________________________________________ NOTICE: This email may contain confidential information, and is for the sole use of the intended recipient. If you are not the intended recipient, please reply to the message and inform the sender of the error and delete the email and any attachments from your computer. _________________________________________________ ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
Current thread:
- IPS Reliability/Availability geek_brigades (Feb 02)
- RE: IPS Reliability/Availability Chris Serafin (Feb 02)
- RE: IPS Reliability/Availability Wes Young (Feb 06)
- Re: IPS Reliability/Availability David W. Goodrum (Feb 07)
- RE: IPS Reliability/Availability Wes Young (Feb 06)
- Re: IPS Reliability/Availability FinAckSyn (Feb 07)
- Re: IPS Reliability/Availability Richard Bejtlich (Feb 21)
- <Possible follow-ups>
- RE: IPS Reliability/Availability CraigPaterson (Feb 06)
- RE: IPS Reliability/Availability Andrew Plato (Feb 07)
- Re: IPS Reliability/Availability David Williams (Feb 13)
- Re: IPS Reliability/Availability Bob Walder (Feb 13)
- Re: IPS Reliability/Availability Martin Roesch (Feb 19)
- RE: IPS Reliability/Availability Alan Shimel (Feb 21)
- Re: IPS Reliability/Availability Martin Roesch (Feb 21)
- RE: IPS Reliability/Availability Alan Shimel (Feb 21)
- Re: IPS Reliability/Availability Martin Roesch (Feb 21)
- Re: IPS Reliability/Availability David Williams (Feb 13)
- Re: IPS Reliability/Availability Bob Walder (Feb 22)
- Re: IPS Reliability/Availability Sap . (Feb 24)
- Re: IPS Reliability/Availability Bob Walder (Feb 24)
- RE: IPS Reliability/Availability Chris Serafin (Feb 02)