Re: Any IDS Recommendations?

From: S. Pidgorny (slavickp_at_yahoo.com)
Date: 07/13/05

• Next message: Mercury: "Re: Any IDS Recommendations?"
• Previous message: nicolasfr_at_gmail.com: "Re: Log anonymous share access"
• In reply to: The Poster: "Any IDS Recommendations?"
• Next in thread: The Poster: "Re: Any IDS Recommendations?"
• Reply: The Poster: "Re: Any IDS Recommendations?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 13 Jul 2005 20:50:55 +1000

Hi there,

I recommend Snort. The open source solution is used in at least one of
Australian Big 5 banks. Alternatively, you can use SourceFire - they add
nice management interface, "supportability" and price tag.

Implementing NIDS in front of the external firewal - bad idea. You will have
a lot of rubbish and chances are that you'll miss something important. DMZ
is a different matter - port scan has to raise a legitimate alarm in there.
On the corporate network implement your NIDS too, you must.

-- 
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-
"The Poster" <nospam@nospam_dontyoudare.net> wrote in message
news:uTuR$k4hFHA.2644@TK2MSFTNGP09.phx.gbl...
> G/Day Forum,
>
> I currently in the process of evaluating a number of IDS solutions. This
IDS
> system will sit between an edge router (configured with ingress/egress
> filtering) and a Cisco Firewall. Our throughput requirement is low, as
we've
> only got a 2mb leased line to our ISP..
>
> Whats important to us:
> - ease of configuration and ongoing management
> - cost effectiveness
> - suitability to Industry (Financial)
> - logging ability/high quality reports/audit trail
>
> The products I'm currently looking at are:
> - Tipping Point 50
> - Cisco IDS 4215
>
> Any ideas, opinions, guidance?
>
> Regards,
> Steve.
>
>

• Next message: Mercury: "Re: Any IDS Recommendations?"
• Previous message: nicolasfr_at_gmail.com: "Re: Log anonymous share access"
• In reply to: The Poster: "Any IDS Recommendations?"
• Next in thread: The Poster: "Re: Any IDS Recommendations?"
• Reply: The Poster: "Re: Any IDS Recommendations?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Any IDS Recommendations? ... The open source solution is used in at least one of ... > I currently in the process of evaluating a number of IDS solutions. ... > filtering) and a Cisco Firewall. ... > - ease of configuration and ongoing management ... (microsoft.public.security) Re: Any IDS Recommendations? ... The open source solution is used in at least one of ... > I currently in the process of evaluating a number of IDS solutions. ... > filtering) and a Cisco Firewall. ... > - ease of configuration and ongoing management ... (microsoft.public.security.virus) Any IDS Recommendations? ... I currently in the process of evaluating a number of IDS solutions. ... filtering) and a Cisco Firewall. ... ease of configuration and ongoing management ... (microsoft.public.security.virus) Any IDS Recommendations? ... I currently in the process of evaluating a number of IDS solutions. ... filtering) and a Cisco Firewall. ... ease of configuration and ongoing management ... (microsoft.public.win2000.security) Any IDS Recommendations? ... I currently in the process of evaluating a number of IDS solutions. ... filtering) and a Cisco Firewall. ... ease of configuration and ongoing management ... (microsoft.public.security)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint