'IDS: Open source mounts IDS challenge'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ids
Subject:    IDS: Open source mounts IDS challenge
From:       "Taylor, Robert" <taylorr2 () state ! gov>
Date:       2001-12-04 18:57:23
[Download RAW message or body]

Archive: http://msgs.securepoint.com/ids
FAQ IDS: http://www.sans.org/newlook/resources/IDFAQ/ID_FAQ.htm
FAQ NIDS: http://www.ticm.com/kb/faq/idsfaq.html
IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems... email questions to ids-owner@uow.edu.au
NOTE: Remove this section from reply msgs otherwise the msg will bounce.
SPAM: DO NOT send unsolicted mail to this list.
UNSUBSCRIBE: email "unsubscribe ids" to majordomo@uow.edu.au
-----------------------------------------------------------------------------


http://www.vnunet.com/News/1127283 <http://www.vnunet.com/News/1127283> 
By James Middleton in Rome
03-12-2001

Open source security products are ready to mount a massive challenge in the
intrusion detection market, according to experts.
Security consultant NSS Group tested 16 IDS products from big vendors
including Cisco, ISS, Computer Associates and Symantec, along with one
freeware open source product called Snort.
"In our tests Snort was the top performer - we were blown away by it," said
Bob Walder, director of the NSS Group. "It was better than all the
commercial products we tested."
However, he warned that "installing an Open Source product is a lot more
work, you have to build on the installation", but the conclusion is that
Snort offered a better foundation for IDS.
Other experts present at the NetEvents security forum in Rome said that
although companies are concerned about the high costs associated with IT
security, many think that "good security policy amounts to an expensive
enough consultant."
David Love, ex-chief of security for NATO Europe and ex-head of security for
the RAF, now working for Computer Associates, said:
"Nowhere else in the industry is it possible to waste money as quickly as on
IT security, especially since 11 September. These people running companies
should understand the risks, but they are often of a computer illiterate
age."
It seems that commercial security vendors may be able to learn a thing or
two from the open source community, which may now put pressure on the market
by offering a cheap and effective alternative.
This message is unclassified.

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic