Re: Botnet Detection Systems

["Calo, Andrew" <ACALO () BENTLEY EDU>]

Hello,

I have personal experience with FireEye (HW appliance) and Seculert (SaaS model). I believe both tools provide 
tremendous value. I believe that the differing deployment models - local hardware appliance vs. SaaS  is a key decision 
making point and it speaks to the locally available resources that will be tasked with using and maintaining the 
solution.

I have no personal experience with Damballa, but have hear lots of good things. I believe NetWitness is also a viable 
player in this space.

Regards,
Andrew Calo

[cid:image001.jpg@01CD965F.C2562F20]

Andrew Calo | Information Security and Data Privacy Administrator | Administrative Computing Department

Bentley University | 175 Forest Street | Waltham, MA 02452

PH: 781.891.2498 | acalo () bentley edu<mailto:acalo () bentley edu>





From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of WILLIAM 
I ARNOLD
Sent: Wednesday, September 19, 2012 10:22 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Botnet Detection Systems

Hello,
Here at the University of Tampa we are beginning the process in finding a solution that will do Bot detection. We have 
been looking at Damballa and would like to know if anyone is using this product and how well it's working. Would also 
like to know if anyone is using a different vendor. We would be interested in hearing how well it works in your 
environment. Please feel free to contact off list is you would like. Thanks
Bill Arnold

William I. Arnold IV
Network Security Engineer
University of Tampa
warnold () ut edu<mailto:warnold () ut edu>
813-253-6284