RE: Entercept HIDS Question

Josh.Berry_at_compucom.com
Date: 03/02/04

  • Next message: AJ Butcher, Information Systems and Computing: "RE: [inbox] Re: Counter detect Network Sniffer"
    To: <sam@neuroflux.com>
    Date: Tue, 2 Mar 2004 12:25:05 -0600
    
    

    My company bought Entercept and then immediately removed it from
    production if that tells you anything. It caused blue-screen's like
    crazy, huge performance issues, and blocked an inordinate amount of
    allowed traffic. This was even in detect only mode.

    -----Original Message-----
    From: sam@neuroflux.com [mailto:sam@neuroflux.com]
    Sent: Tuesday, March 02, 2004 11:31 AM
    To: focus-ids@securityfocus.com
    Subject: Entercept HIDS Question

    Hello.. We are currently in the process of selecting a HIDS based
    product, and according to the Entercept sales person, they claim that
    the
    product has a feature that works very much like Tripwire.

    My question here, is how much overhead does it add to a server, to watch
    the filesystem in real time? And, if we already have Tripwire, would
    their File Integrity checking process be enough to replace Tripwire?

    And, if anyone is currently using the Entercept HIDS product, I'm
    wondering how easily it can be managed (not only from the HIDS piece,
    but
    from the file integrity standpoint -- excluding files, creating
    policies,
    etc.)

    Thanks!
    -Sam

    ------------------------------------------------------------------------

    ---
    Free 30-day trial: firewall with virus/spam protection, URL filtering,
    VPN,
    wireless security
    Protect your network against hackers, viruses, spam and other risks with
    Astaro
    Security Linux, the comprehensive security solution that combines six
    applications in one software solution for ease of use and lower total
    cost of
    ownership.
    Download your free trial at 
    http://www.securityfocus.com/sponsor/Astaro_focus-ids_040301
    ------------------------------------------------------------------------
    ---
    ---------------------------------------------------------------------------
    Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
    wireless security
    Protect your network against hackers, viruses, spam and other risks with Astaro
    Security Linux, the comprehensive security solution that combines six
    applications in one software solution for ease of use and lower total cost of
    ownership.
    Download your free trial at 
    http://www.securityfocus.com/sponsor/Astaro_focus-ids_040301
    ---------------------------------------------------------------------------
    

  • Next message: AJ Butcher, Information Systems and Computing: "RE: [inbox] Re: Counter detect Network Sniffer"

    Relevant Pages

    • RE: Entercept HIDS Question
      ... Entercept only to give up after two months of silence.. ... > Protect your network against hackers, viruses, spam and other ... > risks with Astaro Security Linux, ... the comprehensive security solution that combines six ...
      (Focus-IDS)
    • RE: Entercept HIDS Question
      ... Entercept only to give up after two months of silence.. ... > Protect your network against hackers, viruses, spam and other ... > risks with Astaro Security Linux, ... the comprehensive security solution that combines six ...
      (Focus-IDS)
    • RE: Entercept HIDS Question
      ... Subject: Entercept HIDS Question ... > Protect your network against hackers, viruses, spam and other ... > risks with Astaro Security Linux, ... the comprehensive security solution that combines six ...
      (Focus-IDS)
    • Re: blocking p2p traffic
      ... Network Security Specialist ... firewall with virus/spam protection, ... the comprehensive security solution that combines six ...
      (Focus-IDS)
    • RE: A new technique to disguise a target URL in spam
      ... I have seen the same technique used in other emails, ... firewall with virus/spam protection, URL filtering, VPN, ... Security Linux, the comprehensive security solution that combines six ...
      (Incidents)