Re: Recommend New Hardware

From: Joe (noone_at_no.com)
Date: 02/14/05

  • Next message: Greg Hennessy: "Re: Block MSN Messenger by router rules (Netgear DG834)" 
    Date: Mon, 14 Feb 2005 07:43:48 -0800

    Mark S wrote:
    > Umm well unlimited IPSEC passthru is pretty common, as is ISP failover, port
    > VPN enforcement, they're all boring firewall features. IDS? Betcha its some
    > crap DoS stuff - not real IDP.
    >
    > PC-Card bit is nice.
    >
    > "Arthur Hagen" <art@broomstick.com> wrote in message
    > news:cuchgt$u7f$1@cauldron.broomstick.com...
    >
    >>As for features, it goes both ways. Nexland patented a system for
    >
    > unlimited
    >
    >>IPsec pass-through, which you can't find on other devices than
    >>Nexland/Symantec. Then there's a backup line that connects automatically
    >>over modem or ISDN if your ISP's line goes down. Quite useful. Or the
    >>ability to plug in a PC card and get instant secure wireless. Or the
    >>ability to enforce VPN on a port by port basis. Most if not all of the
    >>other features listed are also provided by the SGS device. I'm sure
    >
    > there's
    >
    >>things the Sonicwall does better -- URL filtering, for example, is very
    >>rudimentary on the SGS. Other things, I'm sure it doesn't do better.
    >>
    >>No, it's far from perfect, but for the money, I'd go with a SGS320 (or
    >>better yet, an SGS360, and get load balancing/failover between two WAN
    >>lines).
    >>
    >>--
    >>*Art
    >>
    >
    >
    >

    If you said IDS cus I said it it is IPS. The first time I read or ever
    heard of intrusion protection service it was named online, IDS.
    Intrusion Detection service, it was misnamed probably or at least
    whoever wrote the thing called it that for some reason. But yeah it's
    IPS and is awesome i think. If you were not talking about anything I
    said then cool.

  • Next message: Greg Hennessy: "Re: Block MSN Messenger by router rules (Netgear DG834)"

    Relevant Pages

    • Re: Recommend New Hardware
      ... Umm well unlimited IPSEC passthru is pretty common, as is ISP failover, port ... VPN enforcement, they're all boring firewall features. ...
      (comp.security.firewalls)
    • RE: about mirroring port
      ... I would recommend that you not try any 'mirroring' or 'port ... This creates numerous problems within a network, ... On some Cisco routers, I believe that you can use a 'tap port', which allows ... onto multiple IDSes. ...
      (Focus-IDS)
    • Re: IDS10 stability VS IDS11 features (aka "for IBM")
      ... IDS11.50 is around for a good deal time now, _loads_ of new features. ... "freeze" IDS10 code and work ONLY on bug fixes? ... off features for stability, great, here's 11.50, just upgrade. ... IDS 10 has seen small features. ...
      (comp.databases.informix)
    • Re: TAP location
      ... progressing onto the ISS document. ... If you have any further questions concerning tap implementation, ... > I am working on a new hotel/congress setup and I need to install 3 IDS ... > port to a consolidated switch to witch I will attach the sniffing port of ...
      (Focus-IDS)
    • RE: TAP location
      ... > IDS might get you in trouble. ... that you should own the switch, and enforce the rules of configuring the ... going between the direct NIC and the Switch port. ... >>Utilising DNS port as a back channel: I use a forwarder for my internet ...
      (Focus-IDS)
    • Quantcast