Re: How to choose an IDS/FW MSS provider

From: Kevin (kkadow_at_gmail.com)
Date: 03/11/05

  • Next message: Koç.net: "RE: How to choose an IDS/FW MSS provider" 
    Date: Fri, 11 Mar 2005 01:03:20 -0600
To: focus-ids@securityfocus.com

    On Thu, 10 Mar 2005 16:28:57 +0000, buineach <securesolutions@gmail.com> wrote:
    > Stephane
    > What is an appliance these days !!
    > Answer: everything
    > What is a checkpoint fw
    > Answer a dell pc running linux
    >
    > What are most IPS, If you look past the appliance label you will find
    > a Linux kernel/OS.
    > So what does this run on, a central cpu I think you will find.

    Cue MJR's "appliance rant #1".

    OTOH, not every "appliance" product runs Linux,
    and not every "appliance" is a PC with fancy stickers,
    there are a few good products based on ASICs.

    And there are products like Intrushield, which are known to
    use Linux/LGPL code and also boast about the high
    performance of "ASIC based appliance" IPS.

    > I think you will admit that the technology used by IDS vendors is
    > almost the same as the appliance IPS they now promote.

    Some IPS vendors call this a feature, others have move beyond their
    IDS products.

    > My problem really is that they are promoting this technology
    > for inline protection when they can so easily become the main
    > bottlenech in any network.

    I gather you've been reading Sun Tzu?

    Kevin Kadow

    --------------------------------------------------------------------------
    Test Your IDS

    Is your IDS deployed correctly?
    Find out quickly and easily by testing it with real-world attacks from
    CORE IMPACT.
    Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
    to learn more.
    --------------------------------------------------------------------------

  • Next message: Koç.net: "RE: How to choose an IDS/FW MSS provider"

    Relevant Pages

    • Re: How to choose an IDS/FW MSS provider
      ... If you look past the appliance label you will find ... Any true IPS must be stateful and therefore cannot just simply forward ... A managed service from anyone when used as an IDS is great because you ... in any network. ...
      (Focus-IDS)
    • Re: [SLE] Sometimes Linux makes me crazy.
      ... The question is why to convert MS users to Linux? ... They don't do any programming and freak out from seeing a command prompt. ... They don't give their ignorant damns about what OS their appliance is running. ... Graphic system configuration tools is a secondary issue in this respect. ...
      (SuSE)
    • Re: Firewall suggestions wanted
      ... > appliance or linux with iptables/ipchains be better? ... > of the howto's for ipchains, and linux is free and I have a spare box ... > through the firewall to my ISP's dhcp server for a lease. ...
      (comp.security.firewalls)
    • Re: Replacing our google search appliance
      ... What has been the purpose of the appliance? ... > package for Linux. ... server under enormous pressure. ... > pulled using custom Perl and PHP scripts. ...
      (alt.internet.search-engines)
    • Re: [SLE] capturar la consola serie de otro server
      ... language but also I learned something I didn't know before. ... Capture in a Linux box, the output of the serial console of another one ... the application license of this appliance) till now, ... there is also e.g. ttyrpld for kernel-level tty monitoring. ...
      (SuSE)
    Loading