Re: IPS Solution

[Benjamin Parker <parkerbc () MOUNTUNION EDU>]

We are an Enterasys shop but don't have their IPS. From the training I have
had in Enterasys's product line what you are asking to do
sounds definitely feasible and like what they have been advertising for a
while. I think this functionality is in their ASM (automated security
manager).

That said, I also +1 the Palo Alto solution. We bought it to replace our
firewall, in doing that it also replaced our Procera packetlogic, and
provides some IPS functionality. We don't pay for the full range of
features that they have because of budget limits, but I can see the value.

The Palo Alto can also do some integration with the Enterasys NAC to
deliver users FW policies and insights if you are interested in that.

Ben Parker
University of Mount Union


On Mon, Feb 4, 2013 at 1:24 PM, John Kaftan <jkaftan () utica edu> wrote:

>  Stephen:
>
>  Are you an Enterasys shop?  Do you have Enterasys NAC?  We are going
> down this road too and are wondering how the Enterasys IPS integrates with
> their NAC.  We are hoping that we can have the IPS talk to the NAC and tell
> it to quarantine people based on the traffic it is seeing.  Currently we
> are pretty heavy handed with NAC and if we could take action based on
> activity then we may lay off a bit on the front end.
>
>
>  John
>
> On Mon, Feb 4, 2013 at 12:11 PM, Bradley, Stephen <bradlesw () miamioh edu>wrote:
>
> > I would also like to know about Palo Alto.  My next demo in house is
> > Enterasys then Sourcefire, Tipping Point declined to even participate
> > in our testing for new IPS'.
> >
> > On Mon, Feb 4, 2013 at 12:05 PM, Roger A Safian
> > <r-safian () northwestern edu> wrote:
> > > Did you decide against Palo Alto for some reason?
> > >
> > >
> > >
> > > From: The EDUCAUSE Security Constituent Group Listserv
> > > [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of King, Ronald A.
> > > Sent: Monday, February 4, 2013 10:46 AM
> > > To: SECURITY () LISTSERV EDUCAUSE EDU
> > > Subject: [SECURITY] IPS Solution
> > >
> > >
> > >
> > > We are about to begin investigating IPS solutions for our environment.
> >  So
> > > far, we are considering Sourcefire and HP/TippingPoint (yes, we are
> > aware of
> > > the problems since the acquisition).  I would like to ask the group for
> > > their suggestions for a solution that could be used for a small to
> > medium
> > > sized EDU with 10 gig backbone and 1 gig to the internet.  If anyone
> > would
> > > like to include their reasoning for their choice, that would be helpful
> > to
> > > us.
> > >
> > >
> > >
> > > I would also like to state that any responses from corporate or reseller
> > > companies will automatically eliminate them from consideration.
> > >
> > >
> > >
> > > Thank you in advance.
> > >
> > >
> > >
> > >
> > >
> > > Ronald King
> > >
> > > Security Engineer
> > >
> > > Norfolk State University
> > >
> > > Marie V. McDemmond Center for Applied Research
> > >
> > > Suite 401
> > >
> > > 555 Park Ave.
> > >
> > > Norfolk, Virginia  23504
> > >
> > > Phone:  757-823-3918
> > >
> > > Fax: 757-823-2128
> > >
> > > Email: raking () nsu edu
> > >
> > > http://security.nsu.edu
> >
> >
> >
> >  --
> > Stephen W. Bradley CISSP GCIH GWAPT SSCP
> > Senior Security Engineer
> > Miami University
> > IT Services
> > bradlesw () miamioh edu
> > 513-529-1809
>
>
>
>  --
> John Kaftan
> IT Infrastructure Manager
> Utica College


-- 
Ben Parker
Senior Network Engineer
University of Mount Union
Phone: 330-829-2866
Twitter: @BenParker82