Open source mounts IDS challenge

[InfoSec News <isn () c4i org>]

http://www.vnunet.com/News/1127283

By James Middleton in Rome 
03-12-2001

Open source security products are ready to mount a massive challenge
in the intrusion detection market, according to experts.

Security consultant NSS Group tested 16 IDS products from big vendors
including Cisco, ISS, Computer Associates and Symantec, along with one
freeware open source product called Snort.

"In our tests Snort was the top performer - we were blown away by it,"
said Bob Walder, director of the NSS Group. "It was better than all
the commercial products we tested."

However, he warned that "installing an Open Source product is a lot
more work, you have to build on the installation", but the conclusion
is that Snort offered a better foundation for IDS.

Other experts present at the NetEvents security forum in Rome said
that although companies are concerned about the high costs associated
with IT security, many think that "good security policy amounts to an
expensive enough consultant."

David Love, ex-chief of security for NATO Europe and ex-head of
security for the RAF, now working for Computer Associates, said:
"Nowhere else in the industry is it possible to waste money as quickly
as on IT security, especially since 11 September. These people running
companies should understand the risks, but they are often of a
computer illiterate age."

It seems that commercial security vendors may be able to learn a thing
or two from the open source community, which may now put pressure on
the market by offering a cheap and effective alternative.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.