Educause Security Discussion mailing list archives

Re: Intrusion Detection Recommendations


From: Gary Dobbins <dobbins () ND EDU>
Date: Tue, 9 Aug 2005 08:30:55 -0500

Rather than ACID (which has apparently fallen out of active maint) we
now manage our array of SNORTia with a combination of BASE and Aanval.
The former is at no charge, while there is a license required for
the latter.

Contact me off-list and I'll put you in touch with our engineer who's
in charge of the array if you wish more details.

Cebulski, John wrote:
I would also suggest that you look at the Intrushield solution by McAfee.



------------------------------------------------------------------------

*From:* Gibbs, Aaron M. [mailto:AMGibbs () ST-AUG EDU]
*Sent:* Tuesday, August 09, 2005 8:18 AM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* Re: [SECURITY] Intrusion Detection Recommendations



We've been looking at Top Layer as an IPS and will be looking at Securiant.

    -----Original Message-----
    *From:* Mike Radomski [mailto:Mike.Radomski () ITEC SUNY EDU]
    *Sent:* Tuesday, August 09, 2005 9:10 AM
    *To:* SECURITY () LISTSERV EDUCAUSE EDU
    *Subject:* [SECURITY] Intrusion Detection Recommendations


    Hello,
    We are currently looking at different alternatives to our Snort
    implementation for an IDS.  We currently run Snort+ACID on a SPAN
    port.  It works well, but we would like a more robust system that is
    capable of anomaly detection, flow analysis, etc.  I am wondering
    what everyone uses for IDS/IPS?  Do you use a combination of open
    source tools, a commercial software solution, or a commercial
    hardware solution?  What are the advantages of your implementation?
     Disadvantages?

    Thanks!
    --
    Mike Radomski

    SUNY - ITEC
    Information Technology Exchange Center
    Systems Programmer/Analyst
    E-mail: Mike.Radomski () itec suny edu
    Systems E-Mail: scsys () itec suny edu
    Phone: (716)878-4832
    Cellular: (716)807-4040
    Fax: (716)878-3485
    PGP Public Key: http://www2.itec.suny.edu/~radomsmj/mradomski.asc

    There are only 10 types of people...
    Those who understand binary and those who don't.

This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they are
addressed. If you have received this email in error please notify the
system manager. This message contains confidential information and is
intended only for the individual named. If you are not the named
addressee you should not disseminate, distribute or copy this e-mail.

--

  ------------------------------------------------------------
  Gary Dobbins, CISSP -- Director, Information Security
  University of Notre Dame, Office of Information Technologies
