Re: [fw-wiz] How should an Internet connection/firewall be designed?

On Thu, 18 Jan 2007, Dave Piscitello wrote:


>> How many companies still use IDS?
>
> Depends on your use of the word "use" - lots still have IDS and IPS connected
> to networks. I suspect fewer meaningfully improve their security profile
> because they have dummied them down, or don't use what they monitor. I'm
> among the "A properly configured and administered firewall is often as good
> or better than IDS because it *is* IPS" radicals.

Actually a minor correction or perception here, most implementations of
IDS systems have traditionally been of no real benefit to an organization's
security posture, since the vast majority were and remain placed in a poor
place or position of the security environment to serve any real or
significant purpose, since the vast majority of these were positioned in
front of the firewall on the outside of the perimeter of the network.
Their main purpose being to enhance budgets and head counts.



Ron DuFresne
--
admin & senior security consultant:
Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

-Tom Robbins <Still Life With Woodpecker>

firewall-wizards mailing list
