RE: IPS as anti ddos???? [was: Re: so, is I[dp]S a STUPID technology?]

["Kyle Quest" <Kyle.Quest () networkengines com>]

I tried to reply off-list, but the Bob's email system
said that I "do not have permission to send to this recipient",
so I decided to send it to the list...

I was talking about the NSS Group, which is considered
to be the number one security product testing organization.
They test IPS,IDS,UTM,Web Firewall,Firewall, etc products.
Take a look at their website:  http://www.nss.co.uk/

Nobody in the idustry is even close to the level of work
and the vendor coverage they got. Everybody in the security
business goes to test with them... ISS, Cisco, TippingPoint,
and the list goes on...

Just as a note, I don't work for NSS. I got a chance to work
with them while testing some of the IPS systems I've worked on.

And just for those NSS critics (if there are any)...
sure they don't test for every single vulnerability possible (which
would be actually almost impossible), but their tests are comprehensive
and cover the most important areas. 

ICSA labs, from the all-mighty Cybertrust, are trying to come up
with IPS tests, but they still don't have anything useful to work with.





-----Original Message-----
Kyle,
 
Thanks for the post, just for clarification, can you define the acronym NSS?
 
Thanks,
Bob

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.