Advice on IDS product

From: Dee Bee (db2853@whycertainly.net)
Date: 02/13/03

• Next message: David: "Re: Netscreen HELP! Netscreen Remote Dynamic IP to 5Xp Dynamic IP... Doable?!"
• Previous message: Neil: "Re: Regular machine hanging (01:00 & 13:00)"
• Next in thread: NeoSadist: "Re: Advice on IDS product"
• Reply: NeoSadist: "Re: Advice on IDS product"
• Reply: Alexander Delarge: "Re: Advice on IDS product"
• Reply: W. B.: "Re: Advice on IDS product"
• Reply: SysAdm: "Re: Advice on IDS product"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: "Dee Bee" <db2853@whycertainly.net>
Date: Thu, 13 Feb 2003 12:26:11 GMT

Hello!
My company is looking for an IDS, and though I've read quite a few postings
up here to learn some basics, I could still use some advice:

* We have a frac T1 line coming in, going through a Cisco 2600 series
router. Presently our "firewall" is a series of access-lists in the router.
* Connected to the outside are an NT web server, a Win2k proxy server, and a
Win2k Terminal Server.
* Looking at my Cisco access-lists, I am calculating we get about 1.5
million packets coming in per day, and about the same number going out. (Not
sure if that qualifies our load as light, heavy, etc.)
* I already spend 112.2% of my day programming, and administering a
database,web site, network, etc. and so can't spend a week coming up to
speed on a complicated product.
* Am attracted to the (possible) economy of putting software like BlackIce
on a Win2k box, but also love the reliability of a dedicated appliance (our
Cisco router rocks!). I'll throw out a figure of $3,000 as the absolute most
I can invest.
* Would **love** to replace the access-lists with a more dynamic, easily
managed product.

Any thoughts will be greatly appreciated...

Dee Bee

---

• Next message: David: "Re: Netscreen HELP! Netscreen Remote Dynamic IP to 5Xp Dynamic IP... Doable?!"
• Previous message: Neil: "Re: Regular machine hanging (01:00 & 13:00)"
• Next in thread: NeoSadist: "Re: Advice on IDS product"
• Reply: NeoSadist: "Re: Advice on IDS product"
• Reply: Alexander Delarge: "Re: Advice on IDS product"
• Reply: W. B.: "Re: Advice on IDS product"
• Reply: SysAdm: "Re: Advice on IDS product"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Routing across internal subnets ... We are having no problems with the Cisco Tunnel, ... I think a DC at the remote locations is probably out of the question. ... You would want a Terminal Server on a member server. ... Other than not being able to ping the internal nic from the router, ... (microsoft.public.windows.server.sbs) Re: Routing across internal subnets ... I am struggling here cause I don't do Cisco. ... SBS does not play nice with three nics. ... You would want a Terminal Server on a member server. ... Other than not being able to ping the internal nic from the router, ... (microsoft.public.windows.server.sbs) Re: ISA Server cannot access www.microsoft.com ... might have something to do with a Cisco router? ... this server worked fine in our office through our ... The internet connection was through a new cisco 327 adsl ... >> 828263 DNS query responses do not travel through a firewall in Windows ... (microsoft.public.backoffice.smallbiz) Re: SBS2003 with 2 NIC and Cisco 876 router setup ... It sounds like what you need is a Cisco consultant to come in and configure ... little experience with Router setups and it seems not to work as I would ... I can get internet access to all workstations but not email or other ... I have installed an SBS2003 server with 2 NIC's and have been running it ... (microsoft.public.windows.server.sbs) ADSL / Router on a Win2k Server network ... I'm going to add a ADSL Router to a Windows 200 Server ... DHCP is enabled on the Win2k PC ... (microsoft.public.win2000.networking)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)