Educause Security Discussion mailing list archives
Re: eEye's Blink
From: Wang Cheng <ChengW () SACREDHEART EDU>
Date: Tue, 29 May 2007 14:57:49 -0400
Hi Sam, We use it here at Sacred Heart University on all faculty/staff machines and so far it has proven to be a great host based IPS product, that is once you have it tuned to your environment. Unlike most other firewalls and anti-malware products, which work as an LSP (using the Winsock Provider API), Blink installs itself as a NDIS, TDI, and file access drivers (just above the hardware itself) which allows it to be very fast and provide features of both network and host based IPS. It comes with anti-malware, application and registry protection and a network/app firewall. We found the firewall to be very hard to configure properly so we don't have it turned on by default (we just use Windows Firewall instead). The anti-malware piece will not really replace your AV or Anti-spyware, it's still not mature enough for that. The greatest advantage of Blink is really it's IPS. Like with any IPS, you should do some extensive testing with it in your environment. We tested for more than 3 months before deploying to weed out the rules that gave false positives in our environment. I highly recommend looking into REM for it's centralized management and data correlation capabilities as well. There's a free personal edition of the IPS you can get and I'm sure they'll be glad to let you tryout the whole product! :-) Also the Vista version is not coming out until next quarter. Regards, Conrado Wang Cheng Niemeyer Information Security Officer Sacred Heart University -----Original Message----- From: Walker, Sam [mailto:swalker () WVSOM EDU] Sent: Friday, May 25, 2007 1:08 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] eEye's Blink I was curious if anyone is currently using or is evaluating eEye's Blink product. I viewed a webcast of the product this week and it appears to be rather powerful. The company's web site lists several education clients, so I was interested in opinions about the product. Thanks in advance. Sam Walker WVSOM
Current thread:
- eEye's Blink Walker, Sam (May 25)
- <Possible follow-ups>
- Re: eEye's Blink Wang Cheng (May 29)