Full Disclosure mailing list archives
RE: Affordable Network Behavior Analysis alternatives
From: "Evans, Arian" <Arian.Evans () fishnetsecurity com>
Date: Wed, 28 Jul 2004 17:16:33 -0500
My question is simple, are there any other commercial out-of-the-box alternatives to QRadar? Something that isn't going to cost me >$40,000 to deploy?All the ones I have seen so far are megabucks (Qradar and Arbor Networks). I will be checking out intrusense as soon as I can get a demo copy based on everyone elses positive replies.
Lancope and Securify both have appliances that start in the 10k range. Mazu has a nice offering too, but I'm not sure if they ever came out with anything affordable for smaller environments (at one time it was about 120k+ to get in the door if I remember correctly). Personally I think Stealthwatch is the easiest to configure/tune of the ones I've seen mentioned above (I've not seen Intrusense's nsight). Securify has limited protocol validation going for it too, if you don't already have that in your NIDS. Stealthwatch also has some strong points like setting ACLs when needed. Not knowing how many collection points you need, how much traffic you have (and how easily you can aggregate it) it's hard to say whether or not you can get by on one 10k appliance. Good luck, and sorry for the auto-disclaimer that will be attached to my email as soon as it leaves my mail server, Arian Evans Sr. Security Engineer FishNet Security KC Office: 816.421.6611 Direct: 816.701.2045 Toll Free: 888.732.9406 Fax: 816.474.0394 http://www.fishnetsecurity.com The information transmitted in this e-mail is intended only for the addressee and may contain confidential and/or privileged material. Any interception, review, retransmission, dissemination, or other use of, or taking of any action upon this information by persons or entities other than the intended recipient is prohibited by law and may subject them to criminal or civil liability. If you received this communication in error, please contact us immediately at 816.421.6611, and delete the communication from any computer or network system. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Affordable Network Behavior Analysis alternatives Jeff Gillian (Jul 22)
- <Possible follow-ups>
- Re: Affordable Network Behavior Analysis alternatives Steven Rakick (Jul 22)
- RE: Affordable Network Behavior Analysis alternatives Heather M. Guse Bryan (Jul 23)
- RE: Affordable Network Behavior Analysis alternatives Steven Rakick (Jul 26)
- RE: Affordable Network Behavior Analysis alternatives Heather M. Guse Bryan (Jul 23)
- RE: Affordable Network Behavior Analysis alternatives jason.heschel (Jul 22)
- RE: Affordable Network Behavior Analysis alternatives crayola (Jul 27)
- RE: Affordable Network Behavior Analysis alternatives Evans, Arian (Jul 28)