Re: Network IDS

["Duston Sickler" <dustons () charter net>]

This is my home account.  I work for a financial institution that would like
to remain anonyms.

Duston Sickler
CompTIA A+ Certified
"Cedo nulli."
----- Original Message ----- 
From: "Logan Rogers-Follis - TNTNetworx.net" <logan () tntnetworx net>
To: "Duston Sickler" <dustons () charter net>;
<security-basics () securityfocus com>
Sent: Friday, August 15, 2003 5:42 PM
Subject: Re: Network IDS


> Wish I could recommedn a Windows based IDS, but I am not aware of any
> excep tthe Windows port of Snort.  I would also like to hear about any
> Windows or hardware based IDS that are good.  I am sorry to hear they
> are not open to the *nix world, about the only you don't get with *nix
> is a cheap admin and alot of support...otherwise I find more stuff to be
> on *nix than the Win32 based OS.
> BTw, I noticed the domain name is charter.net, is this your company?
> You don't have a IDS yet?  I got a local Charter office in my town and
> last I knew they were pretty well on-top of things other than the Lovsan
> virus caught a lot of the local customers ;-0 (not me though...I am
> paranoid and have a heavliy configured Windows software Firewall and
> soon a OBSD IDS/firewall/Gateway)
>
> Duston Sickler wrote:
>
> > Hello,
> >
> > I would like to thank in advance everyone who is out of the office.  I
> > really do like to hear about it.
> >
> > The Network Administrator for the company I work for has charged me to
> > locate a Network Intrusion Detection System.  We do have a monitored
> > firewall between us and the outside world.  We need something to protect
our
> > servers from anyone coming from the inside.  We have about 20 Windows
2000
> > Servers, 5 NT 4 Servers, and 250 Windows 2000/Thin Net workstations.
> >
> > We live in a 100% Windows world and the powers that be will not be
receptive
> > to any *nix solutions.  We are more the willing to pay for a top of the
line
> > product as long is it is in fact top of the line.
> >
> > Currently I have been looking at the Symantec Gateway Device.  We like
the
> > idea of a stand alone piece of hardware.  The only problem is we already
> > have a gateway server washing our email of viruses and 99% of Spam.
> >
> > Does anyone have any comments on the Symantec Gateway device?  We have
had
> > excellent experiences with there Gateway software and NAV Corp.  Does
anyone
> > have a different or better device that they could point me towards?
> >
> > I would like to thank everyone who replies to this post.  I have learned
a
> > great deal being on this list the last year and will continue to
appreciate
> > all the expertise that is freely given here.
> >
> > Duston Sickler
> > CompTIA A+ Certified
> > "Cedo nulli."
>
> ---------------------------------------------------------------------------
>
> ---------------------------------------------------------------------------
-
> > .


---------------------------------------------------------------------------
----------------------------------------------------------------------------