Re: Network IDS

[Schneider Sebastian <ses () straightliners de>]

There are several quite good network IDSs available. I don't know, if there 
are windows ports since I'm on Linux/BSD, but anyways:

NFR Security NID, Cisco Secure, Enterasys Dragon, Shadow, ISS RealSecure

For theses products you'll get support.

Sebastian

On Saturday 16 August 2003 21:17, Duston Sickler wrote:
> Snort was my first recommendation.  However the Network Administrator is of
> the attitude that free software = cheap or lower class software.  He also
> didn't like the fact the there was no tech support we could call.
>
> Duston Sickler
> CompTIA A+ Certified
> "Cedo nulli."
> ----- Original Message -----
> From: "smyrum" <smyrum () bresnan net>
> To: "'Duston Sickler'" <dustons () charter net>
> Sent: Saturday, August 16, 2003 12:05 PM
> Subject: RE: Network IDS
>
> > Not certain if you consider Snort with an ACID interface to be a *nix
> > solution.  It does work the work it's intended to do with a great deal
> > of flexibility on the user's part.  Packet sniffing can be tuned to suit
> > your needs.  We use it on a Class B network and I doubt that you could
> > find a better product.  It is not a plug and play solution, but neither
> > is network security.
> >
> > -----Original Message-----
> > From: Duston Sickler [mailto:dustons () charter net]
> > Sent: Friday, August 15, 2003 11:30 AM
> > To: security-basics () securityfocus com
> > Subject: Network IDS
> >
> > Hello,
> >
> > I would like to thank in advance everyone who is out of the office.  I
> > really do like to hear about it.
> >
> > The Network Administrator for the company I work for has charged me to
> > locate a Network Intrusion Detection System.  We do have a monitored
> > firewall between us and the outside world.  We need something to protect
> > our
> > servers from anyone coming from the inside.  We have about 20 Windows
> > 2000
> > Servers, 5 NT 4 Servers, and 250 Windows 2000/Thin Net workstations.
> >
> > We live in a 100% Windows world and the powers that be will not be
> > receptive
> > to any *nix solutions.  We are more the willing to pay for a top of the
> > line
> > product as long is it is in fact top of the line.
> >
> > Currently I have been looking at the Symantec Gateway Device.  We like
> > the
> > idea of a stand alone piece of hardware.  The only problem is we already
> > have a gateway server washing our email of viruses and 99% of Spam.
> >
> > Does anyone have any comments on the Symantec Gateway device?  We have
> > had
> > excellent experiences with there Gateway software and NAV Corp.  Does
> > anyone
> > have a different or better device that they could point me towards?
> >
> > I would like to thank everyone who replies to this post.  I have learned
> > a
> > great deal being on this list the last year and will continue to
> > appreciate
> > all the expertise that is freely given here.
> >
> > Duston Sickler
> > CompTIA A+ Certified
> > "Cedo nulli."
> >
> >
> > ------------------------------------------------------------------------
> > ---
> > ------------------------------------------------------------------------
> > ----
> >
> > ---
> > Incoming mail is certified Virus Free.
> > Checked by AVG anti-virus system (http://www.grisoft.com).
> > Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003
> >
> >
> > ---
> > Outgoing mail is certified Virus Free.
> > Checked by AVG anti-virus system (http://www.grisoft.com).
> > Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003
>
> ---------------------------------------------------------------------------
> ---------------------------------------------------------------------------
> -

-- 
straightLiners IT Consulting & Services
Sebastian Schneider
Metzer Str. 12
13595 Berlin
Germany

Phone: +49-30-3510-6168
Fax: +49-30-3510-6169

Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
Informationen. Wenn Sie nicht der richtige Adressat sind oder
diese E-Mail irrtümlich erhalten haben, informieren Sie bitte
sofort den Absender und vernichten Sie diese Mail. Das unerlaubte
Kopieren sowie die unbefugte Weitergabe dieser Mail ist nicht
gestattet.

This E-Mail may contain confidential and/or privileged information.
If you are not the intended recipient (or have received this E-Mail
in error please notify the sender immediately and destroy this E-Mail.
Any unauthorized copying, disclosure or distribution of the material
in this E-Mail is strictly forbidden.

---------------------------------------------------------------------------
----------------------------------------------------------------------------