IDS mailing list archives
Re: [lists] New IPS testing methodology
From: Bob Walder <bwalder () spamcop net>
Date: Sat, 14 Oct 2006 13:59:50 +0200
Indeed - but each of those sources, plus the master list of certifications I mentioned in the previous posting, state quite clearly that the certification was for their Gigabit IDS sensor - I thought it was IPS you were interested in? Bob Walder On 14/10/06 12:55, "Aruna" <arunah () slt lk> wrote:
Hi List My information was based on the following link by Sourcefire : http://www.sourcefire.com/news/awards.html And also following the following Link from NSS : http://www.nss.co.uk/grouptests/gigabitids/edition3/pdf/Sourcefire%20IS3000% 20V4.0.2%20WP.pdf Is this different to IPS what the sourcefire claim to be ? Consisting of Intrusion Sensor( above )and Source Fire RNA , combined called 3-d security by Source Fire. Appreciate to know whether this is NOT an IPS by definition of NSS also. I am a bit confused , appreciate any help on this. Regards aruna -----Original Message----- From: Bob Walder [mailto:bwalder () spamcop net] Sent: Saturday, October 14, 2006 4:10 PM To: Aruna; 'Curt Purdy'; Focus-Ids Mailing List Subject: Re: [lists] New IPS testing methodology SourceFire IPS products have not yet been certified/Approved, neither under the current methodology nor the previous ones - see complete list of current and previous certifications here: http://www.nss.co.uk/certification/tested.htm We are hoping to see SourceFire IPS products in our labs in the near future Bob Walder On 14/10/06 11:33, "Aruna" <arunah () slt lk> wrote:Hi List Do we have any comparison between Source Fire IPS and ISS Proventia IPS : Seems both are NSS certified and approved also. Any help is highly appreciated. Regards aruna ======================================== Aruna B. Herath Head Of Internet Data Center Section, 5th Floor, SLT HD Qts, Lotus Road, Colombo 1, Sri Lanka. Tel : +94 11 2337999 Fax : +94 11 2387918 -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Curt Purdy Sent: Friday, October 13, 2006 2:35 PM To: 'Bob Walder'; 'Focus-Ids Mailing List' Subject: RE: [lists] New IPS testing methodology I am very glad to see ISS Proventia certified. I am currently taking the Basic and Advanced Proventia class followed by the Internet Scannerclass.The Fusion Module that unites the VA data with the IPS to reduce false positives is an amazing product. Now that IBM has bought ISS and will incorporate it along with the acquired SIM, neuSecure (now TSOM) is our answer to continual monitoring and protection of the network and servers (with ISS HIDS). Curt Purdy CISSP, GSNA, GSEC, CNE, MCSE+I, CCDA Manager Information Security CareFirst BlueCross BlueShield curt.purdy () carefirst com 443.846.4231 -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Bob Walder Sent: Tuesday, October 10, 2006 9:19 AM To: Focus-Ids Mailing List Subject: [lists] New IPS testing methodology For those of you who are interested, we have launched our new IPS testing methodology which includes more extensive security coverage testing, evasion testing and performance testing than previously, as well as formalising the testing of the management capabilities, etc. The format of the test reports has been streamlined to try and make them easier to read and to relate the descriptive test directly to the methodology. This should make it easier to compare different reports/products. Biggest news is that the ENTIRE test report - including all the benchmark tables, etc. - is now available on-line for free download (noregistration).The first products have now been certified and the results are available on-line at the following links: http://www.nss.co.uk/certification/ips/certips.htm http://www.nss.co.uk/certification/ips/certipsresults.htm As you will see, all of the certification programs are ongoing throughout the year now - we intend to collect a number of the results together with some analysis in a group test report every so often I hope you find the individual test reports useful - many vendors are signed up for both IPS and Multi-Gigabit IPS testing and the results will be published as the testing of each product is completed. Bob Walder The NSS Group ---------------------------------------------------------------------- -- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campa ign=in tro_sfw to learn more. ---------------------------------------------------------------------- -- ---------------------------------------------------------------------- -- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campa ign=in tro_sfw to learn more. ---------------------------------------------------------------------- --
------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
Current thread:
- New IPS testing methodology Bob Walder (Oct 11)
- RE: [lists] New IPS testing methodology Curt Purdy (Oct 13)
- RE: [lists] New IPS testing methodology Aruna (Oct 16)
- Re: [lists] New IPS testing methodology Bob Walder (Oct 16)
- RE: [lists] New IPS testing methodology Aruna (Oct 16)
- Re: [lists] New IPS testing methodology Bob Walder (Oct 16)
- RE: [lists] New IPS testing methodology Aruna (Oct 16)
- RE: [lists] New IPS testing methodology Curt Purdy (Oct 13)