RE: Fortinet IDS

From: Tom Neclerio (Tneclerio_at_guardednetworks.com)
Date: 10/18/04

  • Next message: Victor Julien: "Re: [Snort-inline-users] [Fwd: Re: Fortinet IDS]"
    Date: Mon, 18 Oct 2004 12:22:42 -0400
    To: "Ian Gallagher" <cdine.org@gmail.com>, "Don Draper" <don@draperconsulting.com>
    
    

    Yes it is transparent I work with Fortinet a lot. It can also handle
    authenticated SMTP, where ISS can not.

    -----Original Message-----
    From: Ian Gallagher [mailto:cdine.org@gmail.com]
    Sent: Sunday, October 17, 2004 5:13 AM
    To: Don Draper
    Cc: focus-ids@securityfocus.com
    Subject: Re: Fortinet IDS

    I'm almost certain that their products scan transparently.

    On 14 Oct 2004 13:30:38 -0000, Don Draper <don@draperconsulting.com>
    wrote:
    > In-Reply-To: <200407270109.i6R19ZZr041277@mx-out.daemonmail.net>
    >
    > Does anyone know if Fortinet on-board virus scanning uses an SMTP
    > proxy server? Or is it able to accomplish this transparently by simply

    > inspecting the packets as most the IDS/IPS do.
    >
    > We just purchased a new Proventia M10 from ISS and have discovered
    > that we cannot use it for Anti-Virus (email) or Anti-Spam due the
    > ffact that it uses an on-board SMTP proxy server that does not support

    > SMTP authentication among other issues. The IPS module does not need
    > the proxy and works fine. Having on-board virus scanning at the
    > network edge would be very helpful and Fortinet docs would make you
    > think it is ALL done with packet inspection and without any nasty
    > proxies in the middle. Does anyone know how this works?
    >
    > TIA,
    >
    > Don
    >
    > ----------------------------------------------------------------------
    > ----
    > Test Your IDS
    >
    > Is your IDS deployed correctly?
    > Find out quickly and easily by testing it with real-world attacks from

    > CORE IMPACT. Go to
    > http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to
    learn more.
    >
    ------------------------------------------------------------------------

    --
    > 
    > 
    -- 
    Ian Gallagher
    http://cdine.org
    ------------------------------------------------------------------------
    --
    Test Your IDS
    Is your IDS deployed correctly?
    Find out quickly and easily by testing it with real-world attacks from
    CORE IMPACT. Go to
    http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to
    learn more.
    ------------------------------------------------------------------------
    --
    --------------------------------------------------------------------------
    Test Your IDS
    Is your IDS deployed correctly?
    Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
    Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
    --------------------------------------------------------------------------
    

  • Next message: Victor Julien: "Re: [Snort-inline-users] [Fwd: Re: Fortinet IDS]"

    Relevant Pages

    • RE: Less well-known commercial IDS
      ... anyone has experience with smaller commercial IDS devices ... Symantec isn't one that comes to mind. ... My personal favorite is Fortinet. ... Test Your IDS ...
      (Focus-IDS)
    • Re: Higher-End Home FW Question
      ... SonicWALL (newer firmware) are doing EVERYTHING better than Fortinet ... you can get actual DPI (IDS) on the NetScreen. ...
      (comp.security.firewalls)
    • Re: Fortinet IDS
      ... I believe they used Snort for their IDS. ... Subject: Fortinet IDS ... Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. ...
      (Focus-IDS)
    • Re: Firewall that I can buy/sell without partnership
      ... Munpe Q wrote: ... > What isn't wrong with Fortinet. ... IDS, Anti-Virus, etc. ...
      (comp.security.firewalls)
    • Re: The ideal secure SMTP infrastructure
      ... > to deploying the most secure SMTP plaftform taking all ... > Encryption, IDS, etc...) ... I am not an SMTP expert, but the ones I know would suggest that "secure ...
      (microsoft.public.security)