IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IPS - Cisco vs. McAfee vs. Tippingpoint

From: info () netsentinc com
Date: Wed, 29 Jul 2009 19:58:25 -0600
I've had bad experience with the McAfee sensors.  Total crap.  You can only filter by IP address, not ports too.  One 
example is if you have an http server on a nonstandard port, your only option is to deal with the alarm or compeltely 
disable it entirely or for the IP address.  You can't say HTTP is okay on this port but not others.

I also noticed that if you enable traffic logging, it doesn't always capture packets.  It also doesn't always list a 
source or destination IP.  It's been about a year and a half but man I hated the Intrushield!

In their defense, they *may* have changed things drastically in the past year and a half.  And I hope they did!!!

Network Sentry
www.netsentinc.com

-----------------------------------------------------------------
Securing Your Online Data Transfer with SSL.
A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate 
on your web server, you can securely collect sensitive information online, and increase business by giving your 
customers confidence that their transactions are safe.
http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a17f194
Previous By Date Next
Previous By Thread Next

Current thread: