Signatures taking down network
- From: David Williams <dwilliamsd@xxxxxxxxx>
- Date: Sat, 14 Jan 2006 09:03:53 -0500
I'm evaluating a Tipping Point box and after gettting the latest
signatures I'm having problems with the box "crashing". My goal is
not to bash Tipping Point, but instead to gather information on how
often people have seen this type of thing among IPS boxes.
Is there a trend with vendors to roll out signatures as fast as
possible without proper QA? This brings up a lot of questions about
deploying IPS. I want two opposite things from my vendors: 1) I want
the latest signatures super fast. 2) I want proper QA so that it
doesn't bring down my network. I realize those two things are
contradictory, but I thought I'd throw it out there to see if anybody
had any thoughts.
thanks,
d
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
- Follow-Ups:
- RE: Signatures taking down network
- From: Mike Barkett
- Re: Signatures taking down network
- From: Dhruv Soi
- Re: Signatures taking down network
- From: Paul Schmehl
- Re: Signatures taking down network
- From: Ramon Kagan
- RE: Signatures taking down network
- Prev by Date: RE: Tuning false positives - SIM is not the answer
- Next by Date: Announcement: The Web Application Firewall Evaluation Criteria v1 Released
- Previous by thread: BASE 1.2.2 (cindy) released
- Next by thread: Re: Signatures taking down network
- Index(es):
Relevant Pages
|
