[Dshield] Security in Layers
tonye at billy.demon.nl
Fri Mar 26 21:19:34 GMT 2004
fre, 26.03.2004 kl. 00.21 skrev John Holmblad:
I really appreciated this answer and its content. You know, what I'd
really like to see would be co-operation between Microsoft and "the rest
of the world".
> I should add that other industry voices have expressed concern about the
> complexity of managing an IDS environment so in that sense Jesper
> Johanssen is not a lone voice although he may be in the minority.
> Recall the following ruckus from last summer (now old news) after
> Gartner's declaration of the death of IDS:
This was a very interesting summary; I'm no Gartner, so my opinion is
probably valueless - and obviously firewalls are the first line of
defense from outside one's network. But intruders can come from within
one's network as well, and there will always be a need to monitor
traffic coming in both directions through a firewall, and on both sides
of it. Moreover, IDS for a Unix person is far more than simply
monitoring a network connection, being also effective accounting of
> In fact for small and medium enterprises, an outsourced monitoring
> solution (e.g. Counterpane - www.counterpane.com) might be more cost
> effective than having inhouse IDS/IPS expertise and systems.
Agree utterly. However, that's no argument against IDS.
mail: billy - at - billy.demon.nl
More information about the list