IDS mailing list archives
RE: Network IDS
From: "Terry Ziemniak" <tmz () hawk swc com>
Date: Tue, 19 Aug 2003 10:42:55 -0500
Duston, I am personally a fan of both Symantec's firewall offerings (SEF & SGS) as well as their NIDS (Manhunt). However be warned that SGS' NIDS in not Manhunt. It is a signature based NIDS. Manhunt's capabilities come from the fact that it detects protocol anomalies versus strictly signature based analysis (and is itself arguably 'top of the line'). SGS NIDS capabilities may be sufficient for some, but I would not state that it is top of line. SGS advantage is good products, easy management, and economies of scale. On that note, SGS' anti-virus and content filtering offerings are pretty good (basically NAV and WebSecurity slapped on the box). Also, I am pretty sure that you have to license the whole bundle (FW, AV, NIDS and content filtering). This is a silly licensing scheme that I hope Symantec will change soon. PS - I gave the product names where applicable so you can look up details on Symantec's web site if you interested in more details. Terry -----Original Message----- From: Duston Sickler [mailto:dustons () charter net] Sent: Saturday, August 16, 2003 10:48 AM To: focus-ids () securityfocus com Subject: Network IDS Hello, I would like to thank in advance everyone who is out of the office. I really do like to hear about it. The Network Administrator for the company I work for has charged me to locate a Network Intrusion Detection System. We do have a monitored firewall between us and the outside world. We need something to protect our servers from anyone coming from the inside. We have about 20 Windows 2000 Servers, 5 NT 4 Servers, and 250 Windows 2000/Thin Net workstations. We live in a 100% Windows world and the powers that be will not be receptive to any *nix solutions. We are more the willing to pay for a top of the line product as long is it is in fact top of the line. Currently I have been looking at the Symantec Gateway Device. We like the idea of a stand alone piece of hardware. The only problem is we already have a gateway server washing our email of viruses and 99% of Spam. Does anyone have any comments on the Symantec Gateway device? We have had excellent experiences with there Gateway software and NAV Corp. Does anyone have a different or better device that they could point me towards? I would like to thank everyone who replies to this post. I have learned a great deal being on this list the last year and will continue to appreciate all the expertise that is freely given here. Duston Sickler CompTIA A+ Certified "Cedo nulli." ------------------------------------------------------------------------ --- Captus Networks - Integrated Intrusion Prevention and Traffic Shaping - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Automatically Control P2P, IM and Spam Traffic - Ensure Reliable Performance of Mission Critical Applications Precisely Define and Implement Network Security and Performance Policies **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo Visit us at: http://www.captusnetworks.com/ads/31.htm ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the worldÂs premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symanetc is the Diamond sponsor. Early-bird registration ends September 6 Visit: www.blackhat.com ---------------------------------------------------------------------------
Current thread:
- Re: Network IDS, (continued)
- Re: Network IDS Sam f. Stover (Aug 25)
- Re: Network IDS Barry Fitzgerald (Aug 25)
- Re: Network IDS Andreas Krennmair (Aug 26)
- Re: Network IDS Barry Fitzgerald (Aug 28)
- Re: Network IDS Frank Knobbe (Aug 28)
- Re: Network IDS Mark Teicher (Aug 28)
- Re: Network IDS Frank Knobbe (Aug 28)
- Re: Network IDS Andreas Krennmair (Aug 25)
- Re: Network IDS Barry Fitzgerald (Aug 26)
- Re: Network IDS Gary Flynn (Aug 21)
- RE: Network IDS Steffen Kluge (Aug 25)
- Re: Network IDS Joel Snyder (Aug 26)
- Re: Network IDS Andreas Krennmair (Aug 26)
- RE: Network IDS Frank Knobbe (Aug 28)