Re: ROI on IDS/IPS products
- From: Martin Roesch <roesch@xxxxxxxxxxxxxx>
- Date: Fri, 27 Feb 2009 13:47:16 -0500
Bejtlich does lots of writing around security ROI and whether ROI is
even an appropriate term when applied to security spending. Try this
link and have a read.
http://taosecurity.blogspot.com/search?q=roi
Marty
On Fri, Feb 27, 2009 at 12:08 PM, Ravi Chunduru
<ravi.is.chunduru@xxxxxxxxx> wrote:
I was talking to a junior security administartor working for a big
telecom company. He said something which is worrying. After few
years of IPS deployment in particular department, they decided to
remove IPS devices. It was felt that they did not find enough ROI to
justify 2 dedicated personnel to monitor and analyze IDS/IPS logs and
reports. It apperas that no major incidents were detected by network
IPS devices. they felt that signature coverage is either poor or not
timely. i also was told that these IPS devices are from industry
leaders.
Can you share your experiences? Any examples of successful detection
and prevention of major attacks and penetration by IPS devices.
Thanks
Ravi
--
Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
Sourcefire - Security for the Real World - http://www.sourcefire.com
Snort: Open Source IDP - http://www.snort.org
- Follow-Ups:
- RE: ROI on IDS/IPS products
- From: Pete Lindstrom
- RE: ROI on IDS/IPS products
- References:
- ROI on IDS/IPS products
- From: Ravi Chunduru
- ROI on IDS/IPS products
- Prev by Date: Re: ROI on IDS/IPS products
- Next by Date: RE: ROI on IDS/IPS products
- Previous by thread: Re: ROI on IDS/IPS products
- Next by thread: RE: ROI on IDS/IPS products
- Index(es):
