Penetration Testing mailing list archives
RE: IPS comparison
From: "Security Focus" <Security.Focus () comcast net>
Date: Tue, 26 Jul 2005 04:51:46 -0500
Yes, there are many more products that make sense of the log data. See the free SANS Analyst report on Log Management by Stephen Northcutt at http://www.sans.org/vendor/20050426_analyst_report.pdf

Also, IDS focus list has been covering this topic in great detail lately. These products are a new breed of Security Event Management products with the benefit of Log Management functions for compliance requirements.

A particularly stellar product to look at that is mentioned on the SANS list by Northcutt is LogRhythm starting at about $14k. ROI4Security www.ROI4Security.com is the leading integrator of LogRhythm; you'd want to contact them directly to learn more. Very impressive background of the principal partners at ROI including contracted ISO at JPMorgan, CNA Insurance, and 14 years of contracting at NSA, and former co-founder of NSC nscsecure.com. Very solid background, and great to work with.

regards,
-MD
Certification Training CertTest.com

-----Original Message-----
From: Leif Sawyer [mailto:lsawyer () gci com]
Sent: Monday, July 25, 2005 3:34 PM
To: pen-test () securityfocus com
Subject: RE: IPS comparison

bw [bjshhsjb @ yahoo.com] wrote:
I have been tasked with comparing IPS appliances. I am seriously looking at Top Layer's product line and TippingPoint. Does anyone have a spreadsheet or know of any tool they would be willing to share for comparing products? I'm new to this so any help would be appreciated.
I almost wonder if it's of more importance to review the IDS collection/analysis engines? With so much data available, who has time to look at it all, without some method of distilling it all down to useful data? Protego (now Cisco MARS), Checkpoint Eventia, ... are there any others? There must be. But with this being such a "new" model, I haven't seen a lot of information comparing these types of products yet.