RE: [lists] New IPS testing methodology

[Aruna <arunah () slt lk>]

Hi List

Do we have any comparison between Source Fire IPS and ISS Proventia IPS :

Seems both are NSS certified and approved also.

Any help is highly appreciated.

Regards

aruna 


========================================
Aruna B. Herath
Head Of Internet Data Center Section,
5th Floor, SLT HD Qts,
Lotus Road,
Colombo 1,
Sri Lanka.
 
Tel  : +94 11 2337999
Fax : +94 11 2387918
 
 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Curt Purdy
Sent: Friday, October 13, 2006 2:35 PM
To: 'Bob Walder'; 'Focus-Ids Mailing List'
Subject: RE: [lists] New IPS testing methodology

I am very glad to see ISS Proventia certified.  I am currently taking the
Basic and Advanced Proventia class followed by the Internet Scanner class.
The Fusion Module that unites the VA data with the IPS to reduce false
positives is an amazing product.  Now that IBM has bought ISS and will
incorporate it along with the acquired SIM, neuSecure (now TSOM) is our
answer to continual monitoring and protection of the network and servers
(with ISS HIDS).

Curt Purdy CISSP, GSNA, GSEC, CNE, MCSE+I, CCDA Manager Information Security
CareFirst BlueCross BlueShield curt.purdy ()  carefirst com
443.846.4231


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Bob Walder
Sent: Tuesday, October 10, 2006 9:19 AM
To: Focus-Ids Mailing List
Subject: [lists] New IPS testing methodology

For those of you who are interested, we have launched our new IPS testing
methodology which includes more extensive security coverage testing, evasion
testing and performance testing than previously, as well as formalising the
testing of the management capabilities, etc.

The format of the test reports has been streamlined to try and make them
easier to read and to relate the descriptive test directly to the
methodology. This should make it easier to compare different
reports/products. 

Biggest news is that the ENTIRE test report - including all the benchmark
tables, etc. - is now available on-line for free download (no registration).
The first products have now been certified and the results are available
on-line at the following links:

http://www.nss.co.uk/certification/ips/certips.htm
http://www.nss.co.uk/certification/ips/certipsresults.htm

As you will see, all of the certification programs are ongoing throughout
the year now - we intend to collect a number of the results together with
some analysis in a group test report every so often

I hope you find the individual test reports useful - many vendors are signed
up for both IPS and Multi-Gigabit IPS testing and the results will be
published as the testing of each product is completed.

Bob Walder
The NSS Group






------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE
IMPACT.
Go to
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=in
tro_sfw
to learn more.
------------------------------------------------------------------------






------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE
IMPACT.
Go to
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=in
tro_sfw
to learn more.
------------------------------------------------------------------------


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw 
to learn more.
------------------------------------------------------------------------