Re: IPS, alternative solutions

["Andy Cuff" <lists () securitywizardry com>]

Hi Daniel,
Most if not all organisations that use IPS do so smartly, in that, they
consider the likelihood of a false positive for every signature and vary the
response to that signature accordingly

-andy cuff
Talisker's Computer Security Portal
Computer Network Defence Ltd
http://www.securitywizardry.com
----- Original Message ----- 
From: "Daniel" <deeper () gmail com>
To: <focus-ids () securityfocus com>
Sent: Tuesday, September 14, 2004 11:01 AM
Subject: IPS, alternative solutions


> So far there has been a load of talk discussing which is the better
technology. Personally i dont think IPS is ready for the big time. Yeah its
great for small mum and dad networks, but for large financial networks with
billions of pounds flowing across them, would you trust a technology to
think and block what it seems as bad traffic?
> So what are the alternatives?
>
> I'd say more host based protection such as:
>
>
>
> - Stack protection
>
> - Application level firewalls (ModSecurity/SecureIIS)
>
> - Host based firewalls
>
>
>
> I'm interested to see what everyone else feels are alternatives to IPS
>
>
>
>
> --------------------------------------------------------------------------
> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
> Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
> --------------------------------------------------------------------------


--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
--------------------------------------------------------------------------