Re: TippingPoint vs. Intrushield

• Previous message: Mitchell Ashley: "RE: Hi, I want to study IPS"
• In reply to: Jacob Winston: "TippingPoint vs. Intrushield"
• Next in thread: Darren Bounds: "Re: TippingPoint vs. Intrushield"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: focus-ids@securityfocus.com
Date: Thu, 15 Jul 2004 11:39:15 -0700

Jacob:

I implemented a TippingPoint for my prior employer (Govt. service
provider). It performed extremely well blocking 400,000+ attacks per day
(mostly Nimda, etc.). It was transparent to our clients (except where they

saw the drop off of worm attacks), and allowed us to get extremely
granular in what we wanted to "recognize" and alert/ block on using their
"custom shield writer".

We also used it to enforce policy (such as disallowing Kazaa regardless of
port number used, etc.) It was easy to
configure and manage. I personally would recommend it to anyone looking
for an IPS product.

Just my $0.02

Justin Ross
MCP+I, MCSE, CCNA, CCSA, CCSE, CCSI
Senior Network Security Engineer
Signal Solutions Inc. - http://www.signalcorp.com
101 Wilcox Dr.
Sierra Vista, AZ 85635
Phone: (520) 459-1354 x3095
Cell: (520) 234-4080
Fax: (520) 459-1428
Email: Justin.Ross@signalsolutionsinc.com

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE
IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
--------------------------------------------------------------------------

• Previous message: Mitchell Ashley: "RE: Hi, I want to study IPS"
• In reply to: Jacob Winston: "TippingPoint vs. Intrushield"
• Next in thread: Darren Bounds: "Re: TippingPoint vs. Intrushield"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]