Re: Gateway IDS

From: Fatfinger (fatfinger@uol.com.br)
Date: 06/25/02 

From: "Fatfinger" <fatfinger@uol.com.br>
To: "Jochen Vogel" <jvogel@it-sec.de>, <focus-ids@securityfocus.com>
Date: Mon, 24 Jun 2002 19:30:03 -0300

I would recommend Enterasys' Dragon or Symantec Gateway Security (I use this
one).

They are both appliances. Dragon supports Gb throughput but Symantec Gateway
Security is a firewall, vpn, antivirus, content filtering and ids in a
single box (also with integrated HA/LB)

As they are appliances, it's easier to deploy in my opinion.

I don't know if the Nokia/Chekpoint box does IDS but I've been hearing a lot
of bad complaints due to costs to maintain it and also some complaints
saying it's too hard to configure in a good manner.

All the best

Fatfinger

----- Original Message -----
From: "Jochen Vogel" <jvogel@it-sec.de>
To: <focus-ids@securityfocus.com>
Sent: Monday, June 24, 2002 5:14 AM
Subject: Gateway IDS

> hi,
>
> since last year i search a working gateway IDS solution.
> i search a solution that work like a firewall but additionally
> can block packets after an correlation with IDS signatures.
> the solution to send RST packets or reconfigure a firewall
> is nice but not really about latency or spoofing packets.
>
> greets
> Jochen
>