Penetration Testing mailing list archives
RE: IPS Comparison
From: "Talisker" <lists () securitywizardry com>
Date: Wed, 21 Dec 2005 21:19:30 -0000
This thread is better placed on the IDS list. However, I would recommend avoiding making product selection decisions based on publications that run advertising from the vendors being reviewed. Instead use them to identify possible showstoppers and then run the finalists through a beauty contest. Nss.co.uk are a more independent source of information, but even then the vendors pay for the tests (correct me if I'm wrong) and if the vendor can't afford or their product hasn't changed a great deal since the last NSS review, they may not be there. Each product differs in functionality and capability as your network will differ from anyone else's. Moreover, so does your ability to monitor/manage said products. Marrying the ideal product to your network and ability can be best achieved on the ground. Consider all the reviews and shouts that product A or B is best, then try a few of those that seem the prettiest and most suited to your environment. You may be surprised about how unsuitable some of the market leading products are. Finally don't forget that certain unscrupulous vendors may shout that their product is best by human proxy or from anonymous addresses. (surely not!) Regards Andy Cuff Chief Technology Officer Computer Network Defence Ltd http://www.securitywizardry.com 07010 709014
-----Original Message----- From: Todd Towles [mailto:toddtowles () brookshires com] Sent: 20 December 2005 21:55 To: Josh Perrymon; krishy_k () hotmail com; pen-test () securityfocus com Subject: RE: IPS ComparisonI have talked to clients and they did not like the RadWare box. They say the management interface is unusable and the box isn't stable. I have played with the ISS and Cisco products and have been happy... Again-- I haven't spent much time with either of the products but have "heard" from several large state clients about the Radware box so don't take this post for much more than mere conversation. I met the head engineers from RadWare at a conference and they seemed nice... I think all their stuff is from Israel??Information Security Mag has a IPS Comparison in their Nov 2005 issue Quick and Dirty Results = Cisco Systems - Intrusion Pevention Sensor 4255 Series = B ISS - Preventia Network Proteciton Appliance 6400 = B+ Radware - Defense Pro = C+ Sourcefire - 3D System Intrusion Sensor 3000 = B+ Top Layer Networks - Attack Mitigator IPS 5500 = A- Of course, this is just the quick and dirty, there are pro and cons for all. Kinda have to read the article to get all the reasons. -Todd -------------------------------------------------------------------------- ---- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------- -----
------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Re: IPS Comparison, (continued)
- Re: IPS Comparison InfoSecBOFH (Dec 20)
- RE: IPS Comparison Josh Perrymon (Dec 20)
- Message not available
- Re: IPS Comparison Dave Bush (Dec 21)
- Re: IPS Comparison Chris Brenton (Dec 22)
- Re: IPS Comparison Vic N (Dec 24)
- Message not available
- Re: IPS Comparison neal wise (Dec 21)
- Re: IPS Comparison Brian Recore (Dec 27)
- RE: IPS Comparison Talisker (Dec 21)