IDS Recommendations

[John Stauffacher <stauffacher () CHAPMAN EDU>]

I have already posted this to UNISOG, so I am sorry if you get duplicates...

All,



I have been tasked with evaluating commercial IDS systems (our snort array
is nice but does not have the "blinky" factor that management loves). What
are other people using and how well does it work? I am looking (obviously)
for a system that will give me fewer false negatives than false positives. I
also am looking for something that allows custom rule sets and updatable
rule sets (so leave out the IDS feature of the CISCO Pix, I know its there,
I use it - its just weak). I am also looking for something that is, as
management says, "future proof", i.e. it must have interchangeable NICs, and
some sort of scalability. I have gotten a lot of great help from UNISOG, but
I also want to query Educause members to see what they are using.



Thanks.



-John Stauffacher
Network Administrator
Chapman University
714.628.7249
stauffacher () nospam chapman edu

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.