Security Basics mailing list archives
RE: IPS vs Firewall
From: "Josh Mills" <JMills () cnbwaco com>
Date: Wed, 28 Apr 2004 14:11:24 -0500
If you put the IPS outside of the firewall then be prepared for some massive amounts of logs! I currently have a similar setup and just the raw number of people setting out there running nessus and other tools quickly filled my logs up. I have since tuned the box and now recieve a decent amount of logs but i am wondering if it still doing me any good in a highly tuned state? my original idea was to put it outside the firewall so i could see everything that is hitting the firewall, but this just isnt possible in my setup. -----Original Message----- From: Benny Late [mailto:lvmygop () hotmail com] Sent: Tuesday, April 27, 2004 3:16 PM To: security-basics () securityfocus com Subject: IPS vs Firewall List, I am to give a presentation concerning IPS vs. IDS and why we have decided to implement an IPS solution. I have stuff about each of those, but my big problem is going to come from my LAN/WAN group. Because I've decided to place the IPS outside the firewall, they have already moaned about it and I know they're going to bring up why we need IPS vs. Firewall. I have stuff about what firewalls don't look for or do compared to IPS. My question is, how would you go about showing that firewalls or BigIP routers can be attacked directly? For those of you concidering IPS, can you impart any of the knowledge gained by implementing your solutions? Many thanks, Benny _________________________________________________________________
From must-see cities to the best beaches, plan a getaway with the Spring
Travel Guide! http://special.msn.com/local/springtravel.armx --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- IPS vs Firewall Benny Late (Apr 27)
- RE: IPS vs Firewall Juan Velasquez (Apr 28)
- RE: IPS vs Firewall Sanjay K. Patel (Apr 30)
- <Possible follow-ups>
- RE: IPS vs Firewall Steven Trewick (Apr 28)
- RE: IPS vs Firewall Josh Mills (Apr 28)
- RE: IPS vs Firewall sonicely (Apr 30)
- RE: IPS vs Firewall Benny Late (Apr 29)
- RE: IPS vs Firewall Steven Trewick (Apr 29)