Educause Security Discussion mailing list archives
Re: Intrusion Detection Recommendations
From: Gary Flynn <flynngn () JMU EDU>
Date: Fri, 12 Aug 2005 10:09:29 -0400
Mike Radomski wrote:
Hello, We are currently looking at different alternatives to our Snort implementation for and IDS. We currently run Snort+ACID on a SPAN port. It works well, but would like a more robust system that is capable of anomaly detection, flow analysis, etc. I am wondering what everyone uses for IDS/IPS? Do you use a combination of open source tools, a commercial software solution, or a commercial hardware solution? What are the advantages of your implementation? Disadvantages?
We installed Netscreen/Juniper IDPs 16 months ago on our Internet border and have been very happy with the functionality they provide. It is so much more efficient to have recognized attacks (IE exploits, IM exploits, IIS exploits, etc.) stopped at the border rather than just being reported to us. -- Gary Flynn Security Engineer James Madison University
Current thread:
- Re: Intrusion Detection Recommendations, (continued)
- Re: Intrusion Detection Recommendations Gary Dobbins (Aug 09)
- Re: Intrusion Detection Recommendations Cebulski, John (Aug 09)
- Re: Intrusion Detection Recommendations wcon (Aug 09)
- Re: Intrusion Detection Recommendations Dean De Beer (Aug 09)
- Re: Intrusion Detection Recommendations Graham Toal (Aug 09)
- Re: Intrusion Detection Recommendations Jason Richardson (Aug 09)
- Re: Intrusion Detection Recommendations Wes Simons (Aug 09)
- Re: Intrusion Detection Recommendations John Kemp (Aug 09)
- Re: Intrusion Detection Recommendations Scott Genung (Aug 09)
- Re: Intrusion Detection Recommendations James Riden (Aug 09)
- Re: Intrusion Detection Recommendations Gary Flynn (Aug 12)