IDS mailing list archives
RE: eEye Blink and other Endpoint IPS solutions.
From: Mark Teicher <mht3 () earthlink net>
Date: Tue, 05 Jul 2005 20:19:38 -0400
Oh boy. Host-based IPS market:Sygate Enterprise Secure (more security policy centric, refer to SNAC To Go(tm) as their new marketing states Cisco Security Agent/CiscoWorks (you need to install Cisco Common Network Services in order for the Cisco Secure Management Console to install correctly) eEye Blink (2.0 seems a lot better, than 1.0, but still not on par with Sygate or Cisco, and has some scaleability issues after x number of endpoints)
Network Associates Entercept 5.0+ISS Proventia for Desktop/Site Protector (their scaleability seems above par than most but yet to incorporate SQL replication efficiently into the Site Protector console, it leaves this portion as an exercise for the Security Admin to script up)
Computer Associates Entrust Sana Security PrevxEach one has it plus/minuses, and depending on what feature set or problem one is trying to solve.
Fortinet is more network IPS than endpoint, although I have heard enterprises shipping Fortinet 50's to end users as a end-point solution, but that is more to avoid operating system interoperability issues with VPN software than anything else, since some organizations still support end of life operating systems from Microsoft.
At 05:43 AM 7/1/2005, mashraf () hushmail com wrote:
On Thu, 30 Jun 2005 15:25:03 -0700 "Palmer, Paul (ISSAtlanta)" <PPalmer () iss net> wrote: >Mina writes: > >"On the plus side it makes evaluating the options much easier when > >there seem to be only Cisco and eEye in the marketplace :)" > >ISS also provides HIPS products. I work for ISS, so I have a high >opinion of our products. > >If I recall correctly, McAfee also sells a HIPS product. I feel so stupid now, I shouldn't have written that. I realised I'd forgotten McAfee as soon as I sent the email and they are actually my favourite so far. Other recommendations have been Fortigate and NetIQ. An ISS partner described the IPS as a patch for RealSecure IDS to my I.T. Director which makes it difficult for me but I will investigate further as they've also been independently recommended. Thanks again everyone. Mina Concerned about your privacy? Follow this link to get secure FREE email: http://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger http://www.hushmail.com/services-messenger?l=434 Promote security and make money with the Hushmail Affiliate Program: http://www.hushmail.com/about-affiliate?l=427 -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
-------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly?Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
--------------------------------------------------------------------------
Current thread:
- RE: eEye Blink and other Endpoint IPS solutions. Steve Figures (Jul 02)
- <Possible follow-ups>
- RE: eEye Blink and other Endpoint IPS solutions. mashraf (Jul 02)
- RE: eEye Blink and other Endpoint IPS solutions. Mark Teicher (Jul 05)
- Re: eEye Blink and other Endpoint IPS solutions. Joey Peloquin (Jul 02)
- Re: eEye Blink and other Endpoint IPS solutions. Mark Teicher (Jul 05)
- Re: RE: eEye Blink and other Endpoint IPS solutions. billy (Jul 02)