Security Basics mailing list archives

RE: Cisco vs. Snort

From: "McGill, Lachlan" <mcgilll1 () anz com>
Date: Wed, 3 Sep 2003 09:22:13 +1000

One advantage of staying with Cisco is that Cisco IDS will auto modify Cisco router access lists in case of an attack. 
Although this feature should be configured with caution!!!

-----Original Message-----
From: Nicholas Diotte [mailto:xphox () xphox net]
Sent: Wednesday, 3 September 2003 2:19 AM
To: security-basics () securityfocus com
Subject: Cisco vs. Snort

Good day,

Recently I've been asked to impliment an IDS system within our corporate 
network.  I've been given a more then reasonable budget, so I'm not 
looking for a cheap/freebie solution.  What if any are the advantages of 
going Cisco vs. building a Snort system.

What I'm thinking is Snort would be much more of a headake as you need to 
write/obtain rules, whereas Cisco that is not the case.

Has anyone had a chance to examin the two devices, and any pointers before 
I proceed with such an order?  Most of our products on our network are 
Cisco based, including all FW, routers, and soon switches.

Reason why I'm asking is that I've been asked to do a presentation for our 
Board of Directors, and as you can see the person in charge before me, 
implimented nothing but Cisco products.

Thanks,
Nick

---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training), 
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier 
technical IT security event.  Modeled after the famous Black Hat event in 
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.  
Symantec is the Diamond sponsor.  Early-bird registration ends September 6.Visit us: www.blackhat.com
----------------------------------------------------------------------------

---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training),
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier
technical IT security event.  Modeled after the famous Black Hat event in
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.
Symantec is the Diamond sponsor.  Early-bird registration ends September 6.Visit us: www.blackhat.com
----------------------------------------------------------------------------

Current thread:

Cisco vs. Snort Nicholas Diotte (Sep 02)
- RE: Cisco vs. Snort David stout (Sep 03)
- Re: Cisco vs. Snort Jude Naidoo (Sep 03)
- Re: Cisco vs. Snort Stefan Marx (Sep 04)
- Re: Cisco vs. Snort Stefan Marx (Sep 04)
- RE: Cisco vs. Snort Ethan (Sep 04)
- Re: Cisco vs. Snort Jorge Claudio (Sep 04)
- Re: Cisco vs. Snort Sebastian Schneider (Sep 10)
- <Possible follow-ups>
- RE: Cisco vs. Snort McGill, Lachlan (Sep 03)
  - RE: Cisco vs. Snort William Bradd (Sep 04)
- RE: Cisco vs. Snort Brian Austin (Sep 04)
- Re: Cisco vs. Snort Nicholas Diotte (Sep 04)