nanog mailing list archives

Re: Intrusion Detection recommendations

From: Richo Healey <richo () psych0tik net>
Date: Fri, 13 Feb 2015 10:03:31 -0800

On 13/02/15 17:45 +0000, Mel Beckman wrote:

Unless you need regulatory-grade IDS, your best bet is a Unified Threat Management (UTM) appliance, essentially any 
modern enterprise grade firewall such as a Cisco ASA, Fortigate, SonicWall, etc. These all have built-in IDS/IPS 
options for a fee.

-mel


Flip over these, or ideally watch the talk before deploying an ASA (or some
other black-box security appliance that tries to be All Things to All People)

https://ruxcon.org.au/assets/2014/slides/Breaking%20Bricks%20Ruxcon%202014.pdf

--
richo

Current thread:

Intrusion Detection recommendations Andy Ringsmuth (Feb 13)
- Re: Intrusion Detection recommendations Mel Beckman (Feb 13)
  - Re: Intrusion Detection recommendations J. Oquendo (Feb 13)
    - Re: Intrusion Detection recommendations Mel Beckman (Feb 13)
    - Re: Intrusion Detection recommendations J. Oquendo (Feb 13)
    - Re: Intrusion Detection recommendations Mel Beckman (Feb 13)
    - Re: Intrusion Detection recommendations Matthew Petach (Feb 14)
  - Re: Intrusion Detection recommendations Richo Healey (Feb 13)
- Re: Intrusion Detection recommendations J. Oquendo (Feb 13)
- Re: Intrusion Detection recommendations Rafael Possamai (Feb 13)
  - Re: Intrusion Detection recommendations Rich Kulawiec (Feb 13)
    - Re: Intrusion Detection recommendations Rafael Possamai (Feb 13)
    - Re: Intrusion Detection recommendations Valdis . Kletnieks (Feb 13)
    - Re: Intrusion Detection recommendations J. Oquendo (Feb 13)
    - Re: Intrusion Detection recommendations Rich Kulawiec (Feb 14)
    - Re: Intrusion Detection recommendations BPNoC Group (Feb 14)
    - Re: Intrusion Detection recommendations Jimmy Hess (Feb 14)
    - Re: Intrusion Detection recommendations Mel Beckman (Feb 13)

(Thread continues...)