RE: IDS causing troubles



Hello Shang,

I am handling IBS-ISS products for my company for the past 5 years, and didn't face any issues till now. Can you brief your issue? Did your team configured TCP Reset/Kill in the policy? Your should check the Network and Server Sensor policy file first, and then check your network infrastructure.

Best Regards,
Alex Nepolian  C|EH

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On Behalf Of Shang Tsung
Sent: Tuesday, February 01, 2011 3:23 PM
To: focus-ids@xxxxxxxxxxxxxxxxx
Subject: IDS causing troubles

Hello,

We have the following problem. Now and then, the IDS will cause
disruptions to the network, especially after updates. We have an IBM
(ex ISS) Intrusion Detection System with a few network sensors and
several host sensors. The IDS is not managed by us but we have it
outsourced.

The disruptions mentioned above cause our network engineers extreme
dissatisfaction (and anxiety) about the IDS and they would "burn the
damn thing", if they could. We have 2 - 3 serious issues, causing
downtime, per year.

My questions are:

- Are any of you experience the same issues?
- Is these disruptions common to others or should we seriously
consider replacing the IDS and/or the outsourcing company?
- Could this be an issue with our network infrastructure?

I will appreciate any thoughts.

Thanks,
ST

-----------------------------------------------------------------
Securing Your Online Data Transfer with SSL.
A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate on your web server, you can securely collect sensitive information online, and increase business by giving your customers confidence that their transactions are safe.
http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a17f194



This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information.
If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email or any action taken in reliance on this e-mail is strictly prohibited and may be unlawful.

-----------------------------------------------------------------
Securing Your Online Data Transfer with SSL.
A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate on your web server, you can securely collect sensitive information online, and increase business by giving your customers confidence that their transactions are safe.
http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a17f194