Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Intrusion Detection Recommendations

From: "Gibbs, Aaron M." <AMGibbs () ST-AUG EDU>
Date: Tue, 9 Aug 2005 09:18:10 -0400
We've been looking at Top Layer as and IPS and will be looking at Securiant.

-----Original Message-----
From: Mike Radomski [mailto:Mike.Radomski () ITEC SUNY EDU]
Sent: Tuesday, August 09, 2005 9:10 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Intrusion Detection Recommendations



Hello, 
We are currently looking at different alternatives to our Snort implementation for and IDS.  We currently run 
Snort+ACID on a SPAN port.  It works well, but would like a more robust system that is capable of anomaly detection, 
flow analysis, etc.  I am wondering what everyone uses for IDS/IPS?  Do you use a combination of open source tools, a 
commercial software solution, or a commercial hardware solution?  What are the advantages of your implementation?  
Disadvantages? 

Thanks! 
-- 
Mike Radomski 

SUNY - ITEC 
Information Technology Exchange Center 
Systems Programmer/Analyst 
E-mail: Mike.Radomski () itec suny edu 
Systems E-Mail: scsys () itec suny edu 
Phone: (716)878-4832 
Cellular: (716)807-4040 
Fax: (716)878-3485
PGP Public Key: http://www2.itec.suny.edu/~radomsmj/mradomski.asc

There are only 10 types of people... 
Those who understand binary and those who don't.
Previous By Date Next
Previous By Thread Next

Current thread: