[unisog] IPS

Wes Young wcyoung at buffalo.edu
Tue Feb 8 13:30:29 GMT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Well that had come into consideration until I met with some reps (both
marketing and security engineer) from ISS. Their IPS seems to fit just
about every niche that I am looking for... Anomaly detection, the
ability to add snort rules if we need to... that coupled with the fact
that they spend about 45million a year in vulnerability research to
proactively protect their clients, looks very attractive at the moment.

Daniel Adinolfi wrote:
|
| On Feb 07, 2005, at 14:50, Wes Young wrote:
|
|>
|>     We're looking to venture into the IPS/IDP market....
|
|
| Wes,
|
| What are your requirements?  IDS or IPS might not be the best answer,
| depending on what you want to do.  Network Based Anomaly Detection might
| better fit the bill, as it did for us (with QRadar).
|
| What do you need the tool to do?
|
| -Dan
|
| _________________
| Daniel Adinolfi, CISSP
| Senior Security Engineer, IT Security Office
| Cornell University - Office of Information Technologies
| email: dra1 at cornell.edu   phone: 607-255-7657
|
| _______________________________________________
| unisog mailing list
| unisog at lists.sans.org
| http://www.dshield.org/mailman/listinfo/unisog
|
|

- --
Wes Young
Network Security Analyst
University at Buffalo
GPG Key: http://saxjazman9-security.blogspot.com/2005/01/gpg-key.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFCCL711M5o0FsrrbERAmX8AJ9leC5BNBRmoPJ+hW81jed/H15QrgCgnA3T
Ef1PqLo4kUXPdCgRcSXc3fc=
=fdwu
-----END PGP SIGNATURE-----



More information about the unisog mailing list