Educause Security Discussion mailing list archives

Intrusion Detection Recommendations


From: Mike Radomski <Mike.Radomski () ITEC SUNY EDU>
Date: Tue, 9 Aug 2005 09:10:09 -0400

Hello,
We are currently looking at different alternatives to our Snort
implementation for an IDS.  We currently run Snort+ACID on a SPAN port.
It works well, but we would like a more robust system that is capable of
anomaly detection, flow analysis, etc.  I am wondering what everyone uses
for IDS/IPS?  Do you use a combination of open source tools, a commercial
software solution, or a commercial hardware solution?  What are the
advantages of your implementation?  Disadvantages?

Thanks!
--
Mike Radomski

SUNY - ITEC
Information Technology Exchange Center
Systems Programmer/Analyst
E-mail: Mike.Radomski () itec suny edu
Systems E-Mail: scsys () itec suny edu
Phone: (716)878-4832
Cellular: (716)807-4040
Fax: (716)878-3485
PGP Public Key: http://www2.itec.suny.edu/~radomsmj/mradomski.asc

There are only 10 types of people...
Those who understand binary and those who don't.
