[prev in list] [next in list] [prev in thread] [next in thread]
List: focus-ids
Subject: re: Survey on IDS!
From: andy cuff <lists () securitywizardry ! com>
Date: 2006-12-14 13:55:42
Message-ID: 1166104542.458157deb4b0b () netmail ! pipex ! net
[Download RAW message or body]
Hugo,
You've probably opened the door on a pre-Christmas vendor winge fest
> 1. In your opinion, which is the best IDS ?
1. It depends upon what your requirements are, no IDS can meet everyone's
requirements. Off the top of my head, are you looking for:
High throughput
Full rolling packet capture in addition to event packet capture
SSL decryption
Management on a separate server
Interaction with a SIM, if so via what mechanism
Cost of tin and people to manage (there is no free IDS)
Are your staff Linux or Windows experienced
Are your staff familiar with MS SQL, Oracle, MySQL etc
Are your analytical staff able to understand raw output or will they require
event descriptions
How many IDS are required
Would you prefer software or appliances
etc etc etc
Now we can start to look at how capable the IDS is
Scroll back through the archives, this question has been asked approximately
every 6 months for the last 6 years
Best Regards
--
Andy Cuff
Computer Network Defence Ltd
www.SecurityWizardry.com
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic