Reply: IDS Question

From: Dennis Oliver (doliver@SunCorp.org)
Date: 11/09/01


Subject: Reply: IDS Question
Date: Fri, 9 Nov 2001 08:54:18 -0700
Message-ID: <A37D29D6AFA8EC4195821EABAFBA283E349484@exchange.CO.Suncorp.org>
From: "Dennis Oliver" <doliver@SunCorp.org>
To: <security-basics@security-focus.com>

Thank you all for the Quick responses,
  I have been doing a lot of reading and even more research. I have
also contacted a few resellers of IDS products. Has anyone out there
heard of iSensor by Secure Works. I have hard a little about it and was
wondering a few things. I hear that all traffic goes through the IDS
where as the other sensors listen in promiscuous mode. Supposedly the
iSensor will capture all traffic. Has anyone evaluated or use the
iSensor, I know that you can't really manage the iSensor IDS but was
just trying to look if anyone had any reviews on iSensor.

-----Original Message-----
From: DeBerry, Casey [mailto:CDeBerry@broadband.att.com]
Sent: Thursday, November 08, 2001 3:48 PM
To: Dennis Oliver
Subject: RE: IDS Question

You have alot of reading on your hands...
Do a little research, and if you can, TEST them yourself... Evals are
easy
to come by. This will save many headaches of all the suggestions and
discussions this questions starts. IDS are now like ice cream flavors-
everyon has their favorite. Find the advantages/disadvantages that fit
your/your companies needs.
Here's some stuff to get you started... Take everything you read with a
grain of salt.

http://www.nwfusion.com/reviews/2001/1008rev.html

part one: http://www.networkcomputing.com/1217/1217f1.html
part two: http://www.networkcomputing.com/1217/1217f2.html

Best of luck.

Casey DeBerry
Network Security
AT&T Broadband
PHONE: 303.712.2273
EMAIL: cdeberry@broadband.att.com
PAGER: cdeberry@skytel.com 1.800.258.8741

-----Original Message-----
From: Dennis Oliver [mailto:doliver@SunCorp.org]
Sent: Monday, November 05, 2001 11:54 AM
To: security-basics@security-focus.com
Subject: IDS Question

Hello All,
        Sorry if this is not the right place to post.

        I am trying to implement an IDS and not sure on which brand to
implement, currently we use Checkpoint Firewall-1 for our firewall. I
have heard that real secure IDS is good for integrating with Checkpoint.
My question is does anyone have any recommendations on an IDS that is
easy to manage and not to pricey. What I am looking for in the IDS
features is to have it e-mail or if possible send a Text Page to a cell
phone or pager to alert of attacks, easy to manage, and integrate with
Checkpoint if possible. Any help would be greatly appreciated.

Thanks,
        Dennis



Relevant Pages

  • AW: IDS Question
    ... Subject: AW: IDS Question ... > Virtually all IDS products will allow for alerts that generate emails> and pages as their means of notification. ... I> have heard that real secure IDS is good for integrating with> Checkpoint. ...
    (Security-Basics)
  • RE: IDS Question
    ... Subject: IDS Question ... have heard that real secure IDS is good for integrating with Checkpoint. ...
    (Security-Basics)
  • RE: IDS Question
    ... Does anyone have such a checklist for testing the IDS? ... Asunto: RE: IDS Question ... Dragon product for manageability, cost, and effectiveness. ... have heard that real secure IDS is good for integrating with Checkpoint. ...
    (Security-Basics)
  • RE: IDS Question
    ... Subject: IDS Question ... Rain comes with a whole bunch of "template" attacks that you could use ... have heard that real secure IDS is good for integrating with Checkpoint. ...
    (Security-Basics)
  • Re: Encrypted packet friendly IDS ?
    ... Subject: Encrypted packet friendly IDS? ... Reading, the final frontier. ... >>> functioning higher on the OSI model than the encryption. ...
    (Focus-IDS)