Educational Incident Data Comparison Pilot (X-Post)
From: Alfred Huger (alfred_huger@symantec.com)
Date: 04/02/03
- Previous message: Lau Ker Chea: "how to test IDS performance?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: focus-ids@securityfocus.com, incidents@securityfocus.com, security-basics@securityfocus.com, aris-users@securityfocus.com From: "Alfred Huger" <alfred_huger@symantec.com> Date: Tue, 1 Apr 2003 16:50:44 -0700
Hello all,
Symantec is starting a free pilot program for Educational institutions
around to world to compare their Firewall and IDS incident data. In
specific the pilot will allow for educational facilities to contrast their
own Incident data with that of other educational facilities, and the rest
of the world, on a near real-time basis. With this reporting, pilot users
will be able to obtain detailed statistics on how their organization
contrasts the rest of the world. They will be able to run granular
reports, including reports on specific attackers and event types (IDS and
Firewall). These reports will provide a comparison of attacks targetting
your own network, contrasted with those seen by other users within the
DeepSight Threat Management System. The DeepSight Threat Management System
currently monitors data from educational institutions in over 50 countries.
In addition to this pilot users get full (free) access to the DeepSight
Threat Management System . More can be read about this system at:
http://enterprisesecurity.symantec.com/products/products.cfm?ProductID=158&EID=0
The basic requirements for this Pilot are as follows:
1. You must be an educational institution
2. You must run one of the supported IDS or Firewall systems, configured on
an external network interface, exposed to the Internet.
BlackIce 2.0-3.x
Cisco IOS 12.x
Cisco PIX 4.2-5.1
Cisco Secure IDS (Netranger) 2.5-3.0
Enterasys Dragon 4.2.2
Check Point Firewall-1 Next Generation, NG
IP Chains
IPF
NetProwler 3.5x
NetScreen 200, 100, 50, 25, 5XP
RealSecure 3.1-5.5, 6.00-7.0
Snort 1.6-1.9.x
Snort Portscan 1.6-1.9.x
ZoneAlarm 2.6.0
3. You must be willing to contribute this data to the system for comparison
on a timely basis.
4. You must have a minimum of 20,000 IP addresses monitored.
If you are interested in this Pilot please mail me directly and I will
respond including more specific data including sample reports, screenshots
etc.
Alfred Huger
Senior Director, Engineering
Symantec
-----------------------------------------------------------
ALERT: Exploiting Web Applications- A Step-by-Step Attack Analysis
Learn why 70% of today's successful hacks involve Web Application
attacks such as: SQL Injection, XSS, Cookie Manipulation and Parameter
Manipulation.
http://www.spidynamics.com/mktg/webappsecurity71
- Previous message: Lau Ker Chea: "how to test IDS performance?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
