Penetration Testing mailing list archives
RE: IPS comparison
From: "Alexis Villagra - VILSOL LatinAmerica" <alexis () vilsol com>
Date: Tue, 26 Jul 2005 03:54:59 -0500
check sonicwall IPS at www.sonicwall.com it argues to habe mor e than 1800 ips signatures more than any other -----Mensaje original----- De: Lyal Collins [mailto:lyal.collins () key2it com au] Enviado el: Martes, 26 de Julio de 2005 02:11 a.m. Para: mleroux () lincsat com; 'Leif Sawyer'; pen-test () securityfocus com Asunto: RE: IPS comparison I'd also suggest get trial boxes/software from the vendor(s) on your short list, and do a comparison In Your Environment. Everyone's mileage varies with these products so far - useability. Configurability, rule/policy creation, false alerts. Or install Snort with felxresp or inline, and assess what you really need from an IPS before you buy one. To be controversial, here's a parting thought for the community: Since your web/application servers are always your "IPS of last resort" (i.e. eventually, packets always get to your apps), are IPS products in the essential category, nice to have category, or a "status" product? (I actually think they are better for reporting and alerting than the label IPS suggests) Lyal -----Original Message----- From: Martin [mailto:mleroux () lincsat com] Sent: Tuesday, 26 July 2005 9:02 AM To: 'Leif Sawyer'; pen-test () securityfocus com Subject: RE: IPS comparison A Good start would be to have a look at http://www.nss.co.uk/ it features a number of products and very well done. Cheers -----Original Message----- From: Leif Sawyer [mailto:lsawyer () gci com] Sent: Monday, July 25, 2005 4:34 PM To: pen-test () securityfocus com Subject: RE: IPS comparison bw [bjshhsjb \@ yahoo.com] wrote:
I have been tasked with comparing IPS appliances. I am seriously looking at top layer's product line and tipping point. Does anyone have a spreadsheet or know of any tool they would be willing to share for comparing products. Im new to this so any help would be appreciated
I almost wonder if it's of more importance to review the IDS collection/analysis engines? With so much data available, who has time to look at it all, without some method of distilling it all down to useful data? Protego (now Cisco MARS), Checkpoint Eventia, ... are there any others? There must be. But with this being such a "new" model, I haven't seen a lot of information comparing these types of products yet. __________ NOD32 1.1177 (20050725) Information __________ This message was checked by NOD32 antivirus system. part000.txt - is OK http://www.eset.com __________ NOD32 EMON 1.1177 (20050725) information __________ The email was checked by the NOD32 antivirus system: email from: lyal.collins () key2it com au to: mleroux () lincsat com; 'Leif Sawyer'; pen-test () securityfocus com with subject RE: IPS comparison dated 07/26/2005 2:44 - is OK http://www.eset.com __________ NOD32 EMON 1.1177 (20050725) information __________ The email was checked by the NOD32 antivirus system: email with subject RE: IPS comparison dated 07/26/2005 3:54 - is OK http://www.eset.com
Current thread:
- IPS comparison bw (Jul 25)
- Re: IPS comparison DokFLeed (Jul 26)
- RES: IPS comparison Charbel Chalala Issa (Jul 26)
- Re: IPS comparison David Eduardo Acosta RodrÃguez (Jul 26)
- <Possible follow-ups>
- RE: IPS comparison Williams, Cameron (Jul 25)
- Re: IPS comparison Micheal Cottingham (Jul 25)
- RE: IPS comparison Leif Sawyer (Jul 25)
- RE: IPS comparison Martin (Jul 25)
- RE: IPS comparison David L Rice (Jul 25)
- RE: IPS comparison Lyal Collins (Jul 26)
- RE: IPS comparison Alexis Villagra - VILSOL LatinAmerica (Jul 26)
- RE: IPS comparison Martin (Jul 25)
- RE: IPS comparison Security Focus (Jul 26)
- RE: IPS comparison Dane Warren (Jul 25)
- IPS Comparison Darwin (Jul 25)
- RE: IPS Comparison Security Focus (Jul 26)
- RE: IPS comparison Singh, Yashpal (Jul 25)
- RE: IPS comparison Jeffrey Leggett (Jul 26)
- Re: IPS comparison Chuck (Jul 27)
- RE: IPS comparison Soszynski, Chris (Jul 27)
- RE: IPS Comparison JP Garcia (Jul 27)
- RE: IPS Comparison Miguel Dilaj (Jul 27)