Re: Re: IDS evaluation

From: Stefan Dens (Stefan.dens@pandora.be)
Date: 08/22/02 

From: "Stefan Dens" <Stefan.dens@pandora.be>
To: focus-ids@securityfocus.com
Date: Thu 22 Aug 2002 18:35:59 +0200

Hi,

>I'm a Snort fan but deploying 12 of them with central management needs good
>expertise and multi-tool gluying skills.

I'm also a snort fan but deploying 12 sensor with a central management is easy.
Take a look at SnortCenter http://users.pandora.be/larc , it is a complete management system to manage remote snort sensors. Next week there will be a new version available with a lot of new features. The new version will also work on linux, *BSD, solaris & Windows.

And the best of all it's free under GPL license

Regards,
Stefan Dens

------------------------
 Saad Kadhi <bsdguy@docisland.org> wrote:
------------------------
On Wed, Aug 21, 2002 at 04:04:07PM -0400, Elijah Savage wrote:
>> I am coming to you experts for a little help. It has come time to renew our
>> maintenance contract with cisco we have the old netranger product. Well my
>> company wants me to do a review of 3 products of my choice to see what
>> other products may provide us a better solution that what we currently
>> have. We have 12 IDS sensors currently. Can you all recommend 3 products
>> that will be worth my time to take a look at?
>If central management/event correlation is what you need then my list would be:
>1.Enterasys Dragon
>2.Cisco Secure IDS
>3.ISS
>
>However, the new appliances from Cisco that promise better performance than
>Dragon (among other things) are still vaporware at this time.
>
>I'm a Snort fan but deploying 12 of them with central management needs good
>expertise and multi-tool gluying skills.
>
>--
>Saad Kadhi
>[pgp keyid: 35592A6D http://pgp.mit.edu]
>[pgp fingerprint: BF7D D73E 1FCF 4B4F AF63 65EB 34F1 DBBF 3559 2A6D]
># booth slave for hire