[unisog] IPS

Wes Young wcyoung at buffalo.edu
Tue Feb 8 13:30:29 GMT 2005

Hash: SHA1

Well that had come into consideration until I met with some reps (both
marketing and security engineer) from ISS. Their IPS seems to fit just
about every niche that I am looking for... Anomaly detection, the
ability to add snort rules if we need to... that coupled with the fact
that they spend about 45million a year in vulnerability research to
proactively protect their clients, looks very attractive at the moment.

Daniel Adinolfi wrote:
| On Feb 07, 2005, at 14:50, Wes Young wrote:
|>     We're looking to venture into the IPS/IDP market....
| Wes,
| What are your requirements?  IDS or IPS might not be the best answer,
| depending on what you want to do.  Network Based Anomaly Detection might
| better fit the bill, as it did for us (with QRadar).
| What do you need the tool to do?
| -Dan
| _________________
| Daniel Adinolfi, CISSP
| Senior Security Engineer, IT Security Office
| Cornell University - Office of Information Technologies
| email: dra1 at cornell.edu   phone: 607-255-7657
| _______________________________________________
| unisog mailing list
| unisog at lists.sans.org
| http://www.dshield.org/mailman/listinfo/unisog

- --
Wes Young
Network Security Analyst
University at Buffalo
GPG Key: http://saxjazman9-security.blogspot.com/2005/01/gpg-key.html
Version: GnuPG v1.2.6 (GNU/Linux)


More information about the unisog mailing list