Re: IDS evaluation
From: securityguy@hush.comDate: 08/21/02
- Previous message: Dominik Kruk: "ClearResponse"
- Maybe in reply to: Elijah Savage: "IDS evaluation"
- Next in thread: Joseph M Hoffman: "Re: IDS evaluation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 21 Aug 2002 21:30:06 -0000 From: <securityguy@hush.com> To: focus-ids@securityfocus.com('binary' encoding is not supported, stored as-is) In-Reply-To: <OFBC4A3F41.A9EE807A-ON85256C1C.006DD317@com>
Depending on the expertise you have in your organization you might want to
look at Snort. I am in the middle of setting up Shadow IDS (also a free
solution) and find Snort to be easier/better.
But if commercial products are what you need, apparently the next version
of ISS RealSecure is supposed to be better -- be warned that RealSecure
takes a lot of tweaking to get to run properly with few 'false alerts'.
Intrusion.Com Secure Net pro is also worth a look -- the product is good
but I don't have a lot of faith in the company as they seem to be a boat
with no direction.
To me, Snort is the best solution and if you have to, you can even pay for
it these days.
>I am coming to you experts for a little help. It has come time to renew
our
>maintenance contract with cisco we have the old netranger product. Well my
>company wants me to do a review of 3 products of my choice to see what
>other products may provide us a better solution that what we currently
>have. We have 12 IDS sensors currently. Can you all recommend 3 products
>that will be worth my time to take a look at?
>
>I would greatly appreciate any answers.
>
>
- Previous message: Dominik Kruk: "ClearResponse"
- Maybe in reply to: Elijah Savage: "IDS evaluation"
- Next in thread: Joseph M Hoffman: "Re: IDS evaluation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
