IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Re: NetFlow for IDS

From: Adam Powers <apowers () lancope com>
Date: Fri, 15 Jul 2005 11:48:46 -0400
Very cool. There is a whole sector of vendors that seems to be missing.
Might make sense to add them:

Lancope (StealthWatch Xe): www.lancope.com
Arbor Networks (Peakflow): www.arbornetworks.com
Mazu Network (Profiler): www.mazunetworks.com
Q1Labs (QRadar): www.q1labs.com

...these vendors focus their energies on the security aspect of NetFlow
analysis.



On 7/14/05 5:21 PM, "Andy Cuff" <lists () securitywizardry com> wrote:



Netflow data offers a valuable source of IDS information. To this end Jeff
Ames has detailed all known Netflow analysis tools on a single page at
http://securitywizardry.com/protNetFlowA.htm

As always please notify us of any omissions or errors

   Regards
Andy Cuff
Chief Technology Officer
Computer Network Defence Ltd
http://SecurityWizardry.com
Phone (+44) (0) 7968 608945




--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------






------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: