IDS mailing list archives
Re: Intrusion Prevention
From: Dave Mitchell <dmitchell () viawest net>
Date: Mon, 23 Dec 2002 12:52:22 -0700
I personally recommend the Netscreen IDP. It uses flow based packet inspection, can ride in-line or in sniffer, and has a realtime Java GUI for Windows or Linux. Policy options include the ability to allow, discard, TCP RST client, TCP RST server, or both. The 2.0 code allows for in-line with spanning tree and can also use VRRP. They are reliable, easy to install, and best of all, easy to manage. I was able to push near ~450mb/s at the IDP 500. -dave On Mon, Dec 23, 2002 at 11:52:08AM -0600, Carey, Steve T GARRISON wrote:
We are currently testing it. It is pretty impressive. Gives you the capability to either look at just the packet that caused the alert, or the alert packet and five subsequent packets, or entire flow (which gives you the traffic from the source and the destination). Currently the best commercial product we have looked at. Steven T. Carey LCIRT-R Team Leader Comm (256) 876-5811 Cell (256) 947-0225 -----Original Message----- From: Johnny Kho [mailto:johnnyk () mailhost net] Sent: Sunday, December 22, 2002 10:14 PM To: Johnny Kho Cc: focus-ids () securityfocus com Subject: Intrusion Prevention Hi. Anyone have tested Intruvert Network IPS? It is pretty impressive from the NSS test results... www.intruvert.com Merry Christmas and Holiday Cheers to all.. Johnny
Current thread:
- Re: Intrusion Prevention, (continued)
- Re: Intrusion Prevention Frank Knobbe (Dec 10)
- RE: Intrusion Prevention Adam Powers (Dec 10)
- RE: Intrusion Prevention Ralph Los (Dec 10)
- Re: Intrusion Prevention Vern Paxson (Dec 10)
- RE: Intrusion Prevention Chris Petersen (Dec 11)
- Intrusion Prevention Johnny Kho (Dec 23)
- RE: Intrusion Prevention Robert_Huber (Dec 11)
- RE: Intrusion Prevention Matthew L. McGuirl (Dec 11)
- RE: Intrusion Prevention Frank Knobbe (Dec 11)
- RE: Intrusion Prevention Carey, Steve T GARRISON (Dec 23)
- Re: Intrusion Prevention Dave Mitchell (Dec 23)
- Re: Intrusion Prevention Randy Taylor (Dec 24)
- Re: Intrusion Prevention Dave Mitchell (Dec 23)
- Re: Intrusion Prevention Rick Williams (Dec 27)
- OSEC [WAS: Re: Intrusion Prevention] Greg Shipley (Dec 29)
- NSS (was Re: Intrusion Prevention) Randy Taylor (Dec 30)