IDS mailing list archives
RE: location of an IPS
From: Bourque Daniel <Daniel.Bourque () loto-quebec com>
Date: Fri, 21 Oct 2005 01:24:37 -0400
What good can an IPS make in a DOS attack in front of your firewall??? If the link is saturated, it won't help even if it protect the fw... An IPS have to be place in the ISP premise and they will refuse to allow you to do that, or rent it themself. -----Original Message----- From: kgeorgiades () toplayer com [mailto:kgeorgiades () toplayer com] Sent: Thursday, October 20, 2005 10:32 PM To: dfox168 () hotmail com; focus-ids () securityfocus com Subject: RE: location of an IPS Doug, If your IPS can provide DDoS protection in addition to the Malicious Content protection you should place the IPS in front of the Checkpoint FW in order to also protect the FW from the DDoS attacks. If your IPS can only provide Malicious Content protection, you should place it behind the FW. Note: I work for a company that is also selling IPS. Kyriacos (Ken) Georgiades Senior Director, Product Line Management Top Layer Networks, Inc Tel: 508 870 1300 x 231 Cell: 508 783 5988 Fax: 508 870 9797 Email: kgeorgiades () toplayer com www.toplayer.com -----Original Message----- From: Doug Fox [mailto:dfox168 () hotmail com] Sent: Wednesday, October 19, 2005 4:58 PM To: focus-ids () securityfocus com Subject: location of an IPS I'm sorry for this dumb question, which may have been answered many times. Where should one place an TippingPoint Unity 50 IPS device? Behind or in front of a firewall? I have a/the TippingPoint behind a Check Point firewall. Even though we externally and internally port-scanned the firewall and the IPS many times, the activity log did not contain any record of the "attacks". What am I missing here? Any pointers are appreciated. Thanks, ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------ ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------ ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
Current thread:
- Re: location of an IPS, (continued)
- Re: location of an IPS FinAckSyn (Oct 20)
- Re: location of an IPS Kurt Seifried (Oct 21)
- Re: location of an IPS FinAckSyn (Oct 21)
- Re: location of an IPS Kurt Seifried (Oct 21)
- Re: location of an IPS Paul Schmehl (Oct 20)
- Re: location of an IPS ilaiy (Oct 21)
- Re: location of an IPS Seek Knowledge (Oct 21)
- RE: location of an IPS Gary Halleen (ghalleen) (Oct 20)
- RE: location of an IPS Derick Anderson (Oct 20)
- RE: location of an IPS Swift, David (Oct 20)
- RE: location of an IPS kgeorgiades (Oct 20)
- RE: location of an IPS Bourque Daniel (Oct 21)
- Re: Re: location of an IPS asalo (Oct 21)
- Re: location of an IPS FinAckSyn (Oct 20)