Re: Help in evaluating Inline IDS/IPS solution
From: Stephen Samuel (samuel_at_bcgreen.com)
Date: 06/05/03
- Previous message: Angel Todorov: "Re: Checking for backdoors in software products"
- In reply to: Ravi: "Help in evaluating Inline IDS/IPS solution"
- Next in thread: Golomb, Gary: "RE: Help in evaluating Inline IDS/IPS solution"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 05 Jun 2003 08:44:07 -0700 To: Ravi <ravivsn@roc.co.in>, focus-ids@securityfocus.com
Ravi wrote:
> From sensor technology perspective, I find that all the vendors
> seems to be having
> similar capabilities. But, I am trying to see the continued support
> on new attacks
> and vulnerabilities found.
> One vendor claims that they have 5 dedicated analysts looking at
> the vulnerabilities
> and updating signatures (if needed). Another vendors claims that
> they have more
> than 20 analysts doing this job. Can this be considered in my eval?
> Is it that other
> vendor exaggerating the number of resources they have for this job.
All things being equal, 20 analysts are likely to be better than 5.
On the other hand, 5 really skilled analysts with a good support
structure, tools and communication are going to do a better job than
20 beginners with loose communications, low morale and other duties.
If you can get a chance to actually talk to analysts from the two
companies, you should be able to get a sense of what end of the
quality scale the two groups are. That will make more sense of
the quantitative analysis.
-- Stephen Samuel +1(604)876-0426 samuel@bcgreen.com http://www.bcgreen.com/~samuel/ Powerful committed communication, reaching through fear, uncertainty and doubt to touch the jewel within each person and bring it to life. ------------------------------------------------------------------------------- INTRUSION PREVENTION: READY FOR PRIME TIME? IntruShield now offers unprecedented Intrusion IntelligenceTM capabilities - including intrusion identification, relevancy, direction, impact and analysis - enabling a path to prevention. Download the latest white paper "Intrusion Prevention: Myths, Challenges, and Requirements" at: http://www.securityfocus.com/IntruVert-focus-ids2 -------------------------------------------------------------------------------
- Previous message: Angel Todorov: "Re: Checking for backdoors in software products"
- In reply to: Ravi: "Help in evaluating Inline IDS/IPS solution"
- Next in thread: Golomb, Gary: "RE: Help in evaluating Inline IDS/IPS solution"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
