RE: eEye Blink and other Endpoint IPS solutions.
From: Billy Dodson (billy_at_pmicromart.com)
Date: 06/28/05
- Previous message: Mark Teicher: "Re: eEye Blink and other Endpoint IPS solutions."
- Maybe in reply to: mashraf_at_hushmail.com: "eEye Blink and other Endpoint IPS solutions."
- Next in thread: Alex Arndt: "RE: eEye Blink and other Endpoint IPS solutions."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 28 Jun 2005 09:18:58 -0500 To: <mashraf@hushmail.com>, <focus-ids@securityfocus.com>
Mina,
I work with Cisco Security Agent on a daily basis. I have yet to find
any significant performance issues. PC's today are so fast that the
processor utilization of such software is not noticeable. If you are
talking older sub GHz machines, this may be a different story. Network
intrusion prevention\detection does not keep your users from downloading
viruses nor does it prevent the threat of internal attacks. I have
personally seen CSA stop 0 day viruses in my network. Since CSA is
behavioral based, not signature based like NIDS or NIPS, it prevents
known and unknown threats. You should look into it. I have not
personally used Blink, I have used some of Eeye's other products and
have no complaints. But I have had customers demo both Blink and CSA
side by side, and they ended up purchasing CSA.
Billy
-----Original Message-----
From: mashraf@hushmail.com [mailto:mashraf@hushmail.com]
Sent: Monday, June 27, 2005 6:05 AM
To: focus-ids@securityfocus.com
Subject: eEye Blink and other Endpoint IPS solutions.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
Is there anyone out there using Host Based Intrusion Detection systems
like eEye's Blink that would care to comment on their performance? What
I'd like to know is what kind of impact they have on system performance
and how their effectiveness compares to NIPS.
They seem to be far cheaper for small to medium size businesses and
would seem to avoid the question of whether the IPS can handle network
traffic greater than 1Gbs. Or am I trying to compare apples and oranges?
Thanks,
Mina
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.4
wkUEARECAAYFAkK/3WcACgkQbCO63n74eTMykQCdHVG9qBTDlM+hTCbpXyaMeYfgCGEA
mNG0NCAshWhaO/l1k+qYHHq9PqM=
=c6ai
-----END PGP SIGNATURE-----
Concerned about your privacy? Follow this link to get secure FREE email:
http://www.hushmail.com/?l=2
Free, ultra-private instant messaging with Hush Messenger
http://www.hushmail.com/services-messenger?l=434
Promote security and make money with the Hushmail Affiliate Program:
http://www.hushmail.com/about-affiliate?l=427
------------------------------------------------------------------------
-- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------ -- -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
- Previous message: Mark Teicher: "Re: eEye Blink and other Endpoint IPS solutions."
- Maybe in reply to: mashraf_at_hushmail.com: "eEye Blink and other Endpoint IPS solutions."
- Next in thread: Alex Arndt: "RE: eEye Blink and other Endpoint IPS solutions."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
