IDS mailing list archives
Re: Network World IPS Review Invitation - calling all IPS vendors!
From: Joel M Snyder <Joel.Snyder () Opus1 COM>
Date: Fri, 03 Feb 2006 11:02:02 -0700
I totally agree on the usability testing; that was our primary focus in the last IPS test. In this test, we're going to push on performance because it hasn't really been done before (at least not competently at this speed), and that's a new and interesting angle. However, a lot of what I'm contributing to this (David Newman is really the world's best performance tester) is going to be in the areas such as usability, although it will be second-place to the performance focus.
In terms of spike versus sustained, that's a good point. Systems *do* behave very differently when they see a massive spike compared to a steady state. I suspect that we have enough on our plate right now that adding that kind of testing would be infeasible, but it's an outstanding idea.
Best, jms Andrew Plato wrote:
Joel, Just a suggestion... In your next round of tests, how about creating a situation where the traffic is similar to a real network. IPS tests tend to throw a massive ton of traffic at boxes that is sustained for hours or days. That is not how most networks operate. Most networks are a mix of lots of different protocols and have spikes and valleys in usage. Its rare to see a network with fully saturated lines. How an IPS responds to a sudden spike in traffic is more insightful then how it holds up to a 12 hourbarrage of traffic.I'd also like to see some usability testing. How do IPSs stack up in terms of their long-term usability? I think users want to know more than just raw performance specs. They want to know the realities of managing the equipment. Some equipment has great performance specs, but it causesbrain cancer trying to use it every day. Just some suggestions.----------------------------------------------- Andrew Plato, CISSP, CISM President/Principal Consultant Anitian Enterprise Security ----------------------------------------------------Original Message-----From: Joel M Snyder [mailto:Joel.Snyder () Opus1 COM] Sent: Thursday, February 02, 2006 12:54 PMTo: focus-ids () securityfocus com Subject: Network World IPS Review Invitation - calling all IPS vendors! If you make an IPS, please ask your PR person to read: http://www.networktest.com/ips06/ips06invite.html It is an invitation to Network World's IPS performance test. jms -- Joel M Snyder, 1404 East Lind Road, Tucson, AZ, 85719 Phone: +1 520 324 0494 (voice) +1 520 324 0495 (FAX) jms () Opus1 COM http://www.opus1.com/jms Opus One ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------ _____________________________________________ NOTICE:This email may contain confidential information, and is for the sole use of the intended recipient. If you are not the intended recipient, please reply to the message and inform the sender of the error and delete the email and any attachments from your computer. _____________________________________________
-- Joel M Snyder, 1404 East Lind Road, Tucson, AZ, 85719 Phone: +1 520 324 0494 (voice) +1 520 324 0495 (FAX) jms () Opus1 COM http://www.opus1.com/jms Opus One ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly?Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
------------------------------------------------------------------------
Current thread:
- Network World IPS Review Invitation - calling all IPS vendors! Joel M Snyder (Feb 02)
- <Possible follow-ups>
- RE: Network World IPS Review Invitation - calling all IPS vendors! Andrew Plato (Feb 07)
- Re: Network World IPS Review Invitation - calling all IPS vendors! Joel M Snyder (Feb 07)