Re: NIPS/NIDS performance evaluation query

[ADT <synfinatic () gmail com>]

Well any 3rd party performance test which doesn't spell out how they
performed their tests isn't worth diddly squat, which is why the good
ones will spell out their test methodology.   Of course, in each case,
they're using arbitrary traffic which may or may not look anything
like the traffic on your network.  Hence, their results may not
reflect the performance of the product on your network.  Not to
mention, how it is configured can have a dramatic performance impact
as well.

But basically, most NIPS/NIDS tests use one or more of the following
commercial tools:
Smartbits
WebAvalance
Blade Software IDS Informer

As well as open source:
tcpreplay suite
tomahawk

-Aaron (the tcpreplay guy)

-- 
http://synfin.net/

On 6/14/05, snort user <snort.user () gmail com> wrote:
> How does NIPS/NIDS evaluation agencies test performance of the device ?
>
> Also, any idea if they use custom made tools or publicly available tools ?

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------