IDS Recommendations

Stauffacher, John stauffacher at
Mon Dec 22 18:42:09 GMT 2003



I have been tasked with evaluating commercial IDS systems (our snort
array is nice but does not have the "blinky" factor that management
loves). So what are other people using and how well does it work? I am
looking (obviously) for a system that will give me fewer false positives
than false negatives. I also am looking for something that allows custom
rule sets and updatable rule sets (so leave out the IDS feature of the
CISCO Pix, I know its there, I use it - its just weak). I am also
looking for something that is, as management says, "future proof", i.e.
it must have interchangeable NICs, and some sort of scalability.




-John Stauffacher

Network Administrator

Chapman University


stauffacher at

More information about the unisog mailing list