IDS mailing list archives

Previous By Date Next
Previous By Thread Next

RE: IPS - Cisco vs. McAfee vs. Tippingpoint

From: "Diego Garay" <dgaray () dacas com>
Date: Wed, 29 Jul 2009 12:32:28 -0300
Hi 
This product can help

http://www.fortinet.com/products/fortiweb/
 
                          or
http://www.fortinet.com/products/fortigate/


pd:     
I hope it will not take it as spam  :S

Diego 

-----Mensaje original-----
De: listbounce () securityfocus com [mailto:listbounce () securityfocus com] En nombre de Hurgel Bumpf
Enviado el: MiƩrcoles, 29 de Julio de 2009 09:25 a.m.
Para: focus-ids () securityfocus com
Asunto: IPS - Cisco vs. McAfee vs. Tippingpoint


Hi List,

i need to protect a "realtime" website with an inline IPS from (D)DOS attacks.

I had some bad experience with Tippingpoint UnityOne 2400 field test. The device dropped to much sessions until all 
connectivity was lost. 
After that no investigation was not possible as TP logs all attack information with IP address 0.0.0.0 

The vendor excused this with the layered technology and passing the IP address from the hardware to the logger would 
lead to delayed packages)

This is unacceptable.

i'm now looking forward to test a Cisco IPS 4270-20 and a McAfee Network Security 4050 appliance. 

Who has a good/bad experience with that devices? Is it true that all devices don't log ip adresses?

My dream appliance would be able to run like in a 7 day learning mode which counts max new sessions per second, max 
sessions per client aso. After this 7 days it creates a filter with +x% of the learned values and sets these limits 
active.

A big problem is that i have to install it into the productive system to get the real values. I dont have any fixed 
values regarding the new sessions per second and i cant just guess and set values and render the system offline. 

All information is highly appreciated!

Thank you very much for your time,

Andre


      

-----------------------------------------------------------------
Securing Your Online Data Transfer with SSL.
A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate 
on your web server, you can securely collect sensitive information online, and increase business by giving your 
customers confidence that their transactions are safe.
http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a17f194




__________ Informacin de NOD32, revisin 4286 (20090728) __________

Este mensaje ha sido analizado con NOD32 antivirus system
http://www.nod32.com



-----------------------------------------------------------------
Securing Your Online Data Transfer with SSL.
A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate 
on your web server, you can securely collect sensitive information online, and increase business by giving your 
customers confidence that their transactions are safe.
http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a17f194
Previous By Date Next
Previous By Thread Next

Current thread: