RE: [Full-Disclosure] Tipping Point IPS systems

From: Forbes, Robert (Robert_Forbes_at_reyrey.com)
Date: 08/04/04

  • Next message: Thomas Biege: "[Full-Disclosure] SUSE Security Announcement: libpng (SUSE-SA:2004:023)" 
    To: "'Paul Schmehl'" <pauls@utdallas.edu>, Ryan Sumida <rsumida@csulb.edu>, full-disclosure@lists.netsys.com
Date: Wed, 4 Aug 2004 10:05:59 -0400

    Really the Cadillac of IPS, it is designed for high load networks. We were
    very impressed with it but it carries a hefty price tag for that
    performance.

    -----Original Message-----
    From: full-disclosure-admin@lists.netsys.com
    [mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of Paul Schmehl
    Sent: Tuesday, August 03, 2004 10:30 PM
    To: Ryan Sumida; full-disclosure@lists.netsys.com
    Subject: Re: [Full-Disclosure] Tipping Point IPS systems

    --On Tuesday, August 3, 2004 1:46 PM -0700 Ryan Sumida <rsumida@csulb.edu>
    wrote:

    >
    > Not sure if I should be posting to this list but didn't know where else
    > to ask.
    >
    > I've seen a few posts on network protection devices such as Netscreen,
    > Checkpoint and Fortigate products but I haven't seen anything on Tipping
    > Point. Of any of you that have used a Tipping Point box, how does it
    > compare to the others? I'm aware of the bugs in the reporting features,
    > I'm more interested in hearing how effective their filters work
    > especially under heavy conditions.
    >
    We were impressed with it during an eval. I know of one school that is
    using it and is so happy they've bought more (for the interior networks.)

    Paul Schmehl (pauls@utdallas.edu)
    Adjunct Information Security Officer
    The University of Texas at Dallas
    AVIEN Founding Member
    http://www.utdallas.edu

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Thomas Biege: "[Full-Disclosure] SUSE Security Announcement: libpng (SUSE-SA:2004:023)"

    Relevant Pages

    • RE: FTP scans from wanadoo.fr
      ... space and they have requested a list of source IPs involved in scanning ... with Wanadoo.fr management, and they need some data to go with it. ... >> I have started gathering IPs and just blocking the networks as wanadoo ... >> For more information on this free incident handling, ...
      (Incidents)
    • Re: FTP scans from wanadoo.fr
      ... now aware of the scope of the scanning activity from Wanadoo.fr network ... space and they have requested a list of source IPs involved in scanning ... with Wanadoo.fr management, and they need some data to go with it. ... >> I have started gathering IPs and just blocking the networks as wanadoo ...
      (Incidents)
    • Re: How to choose an IDS/FW MSS provider
      ... > have completely out of band management networks. ... >> With the obvious success of IPS technologies at the perimeter, ... > vendor market as a whole) get to learn from their mistakes and successes. ...
      (Focus-IDS)
    • FTP scans from wanadoo.fr
      ... logging connects attempts to port 21 from various ips that resolve to ... script randomly scanning ips. ... what would happen if port 21 was open, it attempted to login as anonymous ... I have started gathering IPs and just blocking the networks as wanadoo seems ...
      (Incidents)
    • Re: IPS, alternative solutions
      ... and dad networks, but for large financial networks with billions of pounds ... assuming that the IPS engineer can write effective signatures, ... As a service provider I can't tell you how ... in our position and I think a large majority of our customers would agree. ...
      (Focus-IDS)