Security Basics mailing list archives
Re: is Checkpoint smart defance is enough ?
From: routerg <routerg () gmail com>
Date: Tue, 2 Aug 2005 12:36:43 -0400
It really depends on your corporate security policies. SmartDefense is an Intrusion Prevention System meaning that it will actually block/drop the attacks specified rather than just alterting you like Intrustion Detection Systems. If you subscribe to their update service ~$1000 USD/year you can download updates to your gateways when they come out much like AV vendors do, however updates do not get downloaded automatically as they are release :/. You can also create your own regex rules so if you are getting hit with an attack not in the CheckPoint signiture list you can create your own rule. IIRC, SmartDefense does not do anomoly detection. So when a new worm starts propogating you need to find out about it by some other means (mailing lists, IDS), then either wait for an update from CheckPoint or create your own rule. It can be a very good layer of defense, but would still recommend putting an IDS behind it to see what SmartDense/FW-1 passed through. On 8/2/05, Juan B <juanbabi () yahoo com> wrote:
Hi, I was wondering if I enable smartdafance on a network so I can give up all the other IDS's like snort Iss etc. Is smartdefance considered as an IDS at all ? thanks Juan ____________________________________________________ Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs
Current thread:
- is Checkpoint smart defance is enough ? Juan B (Aug 02)
- Re: is Checkpoint smart defance is enough ? routerg (Aug 03)
- Re: is Checkpoint smart defance is enough ? Rodrigo Blanco (Aug 04)
- <Possible follow-ups>
- RE: is Checkpoint smart defance is enough ? Hitesh Patel (Aug 03)
- RE: is Checkpoint smart defance is enough ? THolman (Aug 03)
- Re: is Checkpoint smart defance is enough ? Ivan C (Aug 03)
- Re: is Checkpoint smart defance is enough ? aner . sagi (Aug 03)
- Re: is Checkpoint smart defance is enough ? Ivan C (Aug 03)
- Re: is Checkpoint smart defance is enough ? andrew_conly (Aug 03)