RE: Net Ranger vs. RealSecure vs. NFR

["Mellon, Ty" <Ty_Mellon () NAI com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Have you looked at CyberCop?  CyberCop has beaten ISS hands down
multiple times in third-party head-to-head testing (More
Vulnerabilities, etc...)


Ty Mellon
    Account Manager - Active Security, Network Associates, Inc.
* Voice: (800)338-8754x7918     * Fax:  (972)855-2664
* Email: ty_mellon () nai com
www.nai.com
http://www.nai.com/activesecurity/
Gauntlet Firewall - Virtual Private Networks(VPN) - PGP (encryption) -
CyberCop Scanner (Vulnerability & Risk Assessment) - CyberCop Monitor
(Real-time Intrusion Detection)      
Who's Watching Your Network?


- -----Original Message-----
From:   SiOL CERT [SMTP:cert () siol net]
Sent:   Monday, July 05, 1999 12:22 PM
To:     firewall-wizards () nfr net; firewalls () lists gnac net
Subject:        IDS: Net Ranger vs. RealSecure vs. NFR

Hi.

I have two intrusion detection systems on a trial run, but have to
chose the 
big winner. Both of them have been recommended as the cream of the
crop and 
'best money can buy', but from the wrong persons.

One of them is Cisco's Net Ranger Director, which uses HP OpenView as
a GUI 
(not prefered) and other one is ISS' Real Secure, which is a bit of a
pain 
because I'd need to set a machine on each segment of the network I
want to 
monitor.

The third IDS is my personal favorite NFR's Network Flight Recorder
(ever 
since I read the white paper), but I need more informations about all
of the 
mentioned IDS systems (especially cons, pros are more or less known).

The network in question is an ISP's public part of the system, which
means I 
need some detection system than can swallow more than 70Mbit traffic
on the 
fly.

Thanks in advance,

Saso

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5

iQA/AwUBN4IRlqBda5ixDLy5EQJpIQCgkj+GSqBZcfvfqhtoeEWpPHTq3roAoOa/
Xg6AdHT5IcvhYgFTqXPMXEZc
=x2hT
-----END PGP SIGNATURE-----