Re: Network IDS

• Previous message: Darren Windham: "Intrusion prevention and dDos protection"
• In reply to: Robert.Lupo_at_nokia.com: "RE: Network IDS"
• Next in thread: Steffen Kluge: "RE: Network IDS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 21 Aug 2003 10:20:09 -0400
To: Robert.Lupo@nokia.com

Robert.Lupo@nokia.com wrote:

> I have seen time and time again people buying a product, getting vendor training and then viewing the logs and thinking "wo ho! I have IDS!" but do you know how to write your own rules, signatures, analyze the traffic for what your company needs?
> Before you go and buy any product, you should get yourself properly trained, then view the products and figure out what is going to best suit your needs.

I don't think a product like this should be purchased without hands-on
eval time. Sales demos are staged and most literature (technical and
otherwise) won't give you the information you need about a product
to make a wise decision.

-- 
Gary Flynn
Security Engineer - Technical Services
James Madison University
Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/runsafe
---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world’s premier 
technical IT security event.  Modeled after the famous Black Hat event in 
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.  
Symanetc is the Diamond sponsor.  Early-bird registration ends September 6 Visit: www.blackhat.com
---------------------------------------------------------------------------

• Previous message: Darren Windham: "Intrusion prevention and dDos protection"
• In reply to: Robert.Lupo_at_nokia.com: "RE: Network IDS"
• Next in thread: Steffen Kluge: "RE: Network IDS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]