Re: IPS comparison

From: DokFLeed (dokfleed_at_dokfleed.net)
Date: 07/26/05

    To: "bw" <bjshhsjb@yahoo.com>, <pen-test@securityfocus.com>
    Date: Tue, 26 Jul 2005 13:16:46 +0400
    
    

    bw,
    I made something similar lately.
    First of all, start with http://www.nss.co.uk/
    Personally I would go with TopLayer, the only one that passed both tests.

    Another thing: take a look at the products' history, things like
    who started as an IPS not an IDS, who is ASIC based, how many proven
    concurrent connections it can handle,
    does it follow a protocol analysis or signatures throw & catch.

    finally for reference if it makes any sense
    · The lack of a stateful firewall for all connections and policy
    control. A hardware limit of 10,000 signatures, which can all be used up if
    diverse policies are specified for different segments or IP addresses with
    existing signatures, leaving no room for expansion.
    · The lack of effective high availability solutions that increase
    performance and scalability. Cannot reliably support asymmetry in networks. HA
    decreases performance significantly.
    · Lack of network infrastructure class reliability, required for
    in-line deployments.
    · Close to 100% reliance on IDS like signatures for protection.
    Digital Vaccine, or automatic signature updates on an inline infrastructure
    device is thus necessary, and poses a risk of automated blocking of real
    world business traffic, and potentially violates network change control
    policies.
    · No real world Denial of Service (DoS) or DDoS protection.
    · Built around an off the shelf Layer 2 switch ASIC and off the
    shelf network processors, even claimed latency at between 1ms and 215 µs is
    too high for inline deployments.

    TopLayer series handle around 30,000 connections with a latency of 0.04 ms
    and 0.08 ms with deep inspection enabled

    Please disregard it, if it does not make any sense :)

    DokFLeed
    Smoke Dope, Eat Soap, Fly Home in a Bubble

    ----- Original Message -----
    From: "bw" <bjshhsjb@yahoo.com>
    To: <pen-test@securityfocus.com>
    Sent: Monday, July 25, 2005 8:52 PM
    Subject: IPS comparison

    I have been tasked with comparing IPS appliances. I am
    seriously looking at top layer's product line and
    tipping point. Does anyone have a spreadsheet or know
    of any tool they would be willing to share for
    comparing products. I'm new to this so any help would
    be appreciated

    thank you


