Penetration Testing mailing list archives
RE: IPS Comparison
From: "Slamet" <slamet () sdt co id>
Date: Fri, 9 Sep 2005 19:12:17 +0700
Hi Harjith, Here some list of third party report that may useful for you to give an idea about comparison of IPS products : http://www.tips-it.com/product.php?pid=4 http://www.nss.co.uk Gartner Report (G00123902, "Seven Key Selection Criteria for Network IPSs", author Greg Young, November 1, 2004) http://www.iss.net/resources/pescatore.php (Interview with John Pescatore, VP and Research Fellow with Gartner, Inc. to discuss the future of Internet security. In this interview, Pescatore shared his views on a variety of topics, including vulnerability management, intrusion prevention and the future landscape of Internet security). Here some my opinion, when we choosing which IPS product is the best one, there some factor that we need to consider it. There is a whitepaper (it is free) from one IPS vendor (ISS) that give some brief explanation about what criteria need to be consider when choosing an IPS product. I know maybe you will think that this whitepaper may be not objective one since it created by some IPS vendor, but my point is maybe this whitepaper can help you give some idea. You can download the whitepaper at http://documents.iss.net/whitepapers/ISS_Network_Intrusion_Prevention_White_ paper.pdf The important thing question that when choosing an IPS is : When IPS can detect & blocking the attacks? BEFORE exploit release or AFTER exploit release and already outbreak around the world? IPS vendor protection is based on Exploit-driven (Reactive) or Vulnerability-driven (Proactive)? For more information about Exploit-driven vs Vulnerability-driven, please see whitepaper from ISS (it is free) at http://documents.iss.net/whitepapers/ISS_Vulnerability_Lifecycle_Whitepaper. pdf A better protection is combined between NIPS (Network IPS) & HIPS (Host IPS). Some IPS vendor doesnt have HIPS product, so they will say that NIPS is enough to protect customer enterprise. HIPS & NIPS is complement each other. You can find more information about HIPS & NIPS is competitor or partner whitepaper (it is free) from McAfee at http://www.mcafeesecurity.com/us/local_content/white_papers/wp_host_nip.pdf Hope it useful for you. Regards, Slamet F. -----Original Message----- From: jith jith [mailto:jackieoop () yahoo co in] Sent: Friday, August 26, 2005 1:52 PM To: greg () mcpheecomm com Cc: pen-test () securityfocus com; charbel () cultura com br Subject: IPS Comparison Hi, Im working as security consultant. currently im stepping into the IPS market. I would like to have the comparison sheet between different IPS products like Radware-Defence Pro, ISS, McAffe, juniper, Entrasys etc Plz help me out in the same. Thanks and Regards Harjith ____________________________________________________ Send a rakhi to your brother, buy gifts and win attractive prizes. Log on to http://in.promos.yahoo.com/rakhi/index.html ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- RE: IPS Comparison Slamet (Sep 11)
- <Possible follow-ups>
- RE: IPS Comparison Slamet (Sep 15)