Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor

From: Jonathan Gauntt (jon0966_at_yahoo.com)
Date: 10/12/05

Next message: Jim McCullough: "Re: Open source GUI for Snort"

Previous message: vipul kumra: "RE: IDS and Spywares"
In reply to: barcajax_at_gmail.com: "Re: IDS and Spywares"
Next in thread: Tim Holman: "Re: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor"
Reply: Tim Holman: "Re: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor"
Reply: Teemu Schaabl: "Re: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor"
Maybe reply: Gary Halleen (ghalleen): "RE: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor"
Maybe reply: Gary Halleen (ghalleen): "RE: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: <focus-ids@securityfocus.com>
Date: Wed, 12 Oct 2005 11:57:00 -0500

Hi,

We are currently running a Cisco IDS 4250 that monitors our internal
traffic. We essentially use this device for historical reporting because we
are a medical oriented facility with at least 100 3rd party connections to
us besides the 8000 employees.

I am considering upgrading the Cisco IDS 4250 to the XL to handle higher
throughput but have been evaluating the Sourcefire IS300 and their RNA
sensor.

I have the ability to purchase the Sourcefire unit or upgrade the 4250.

Sourcefire claims that they are superior with state full IDS inspection and
an overall better product.

Does anyone have any thoughts on these two products? I have about $100k in
my budget to spend.

Thanks,

Jonathan

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------

Next message: Jim McCullough: "Re: Open source GUI for Snort"

Previous message: vipul kumra: "RE: IDS and Spywares"
In reply to: barcajax_at_gmail.com: "Re: IDS and Spywares"
Next in thread: Tim Holman: "Re: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor"
Reply: Tim Holman: "Re: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor"
Reply: Teemu Schaabl: "Re: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor"
Maybe reply: Gary Halleen (ghalleen): "RE: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor"
Maybe reply: Gary Halleen (ghalleen): "RE: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: Ciscos IDS Vulnerabilities
... The ability of Cisco's IDS to detect attack signatures is NOT affected by ... Lets take RPC buffer overflows for example, ADMmutate ... Cisco IDS will alarm on both the original attack and the ...
(Focus-IDS)
RE: Reports from Cisco IDS
... Cisco IDS reporting features. ... Subject: Reports from Cisco IDS ... The Ciscoworks VMS plugin is very new. ...
(Focus-IDS)
RE: Recommending an IDS system
... I never worked with ISS IDS appliance before so I can't really comment on ... Subject: Recommending an IDS system ... We have been using Cisco IDS systems for a number of years and recently ...
(Security-Basics)
RE: Recommending an IDS system
... the Cisco IDS sensors runs on Solaris ... > an Enterprise Cisco Based network? ... > Talisker Security Tools Directory ...
(Security-Basics)
RE: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor
... IDS, or an IPS, or both. ... Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor ... There is absolutely no protection for rate-based attacks (SYN, TCP, ...
(Focus-IDS)