[Dshield] IPS/IDS solutions--your opinions?
Tom
dshield at oitc.com
Wed Jan 23 18:45:05 GMT 2008
At 5:37 AM -0800 1/23/08, Pete Cap wrote:
>List,
>
>Would anyone mind discussing the pros and cons of IDS/IPS solutions
>you've used?
>
>I've been trained on several systems, the only one of which is
>current is Mcafee's. They all had pros and cons but I liked
>Intrushield a lot, but for a few things--for instance, Cisco's
>product never impressed me, but you could always just run snoop when
>you saw something weird. I'm also not a huge fan of their
>all-in-wonder router/IDS gear but I haven't used it very much. I
>want to look into Sourcefire at some point this year as well.
Sourcefire make a good analysis and management system.
For IDS we like snort - open source and easily configurable.
Tom
--
Tom Shaw - Chief Engineer, OITC
<tshaw at oitc.com>, http://www.oitc.com/
US Phone Numbers: 321-984-3714, 321-729-6258(fax),
321-258-2475(cell/voice mail,pager)
Text Paging: http://www.oitc.com/Pager/sendmessage.html
AIM/iChat: trshaw at mac.com
The policy of relying on market forces that the Bush administration
claimed for seven years would propel broad access is irresponsible
and insufficient
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. Benjamin Franklin
More information about the list
mailing list