RFI: Intrusion Detection Systems

Mailman List Mirror (Read Only)
1

My apologies to anyone that receives duplicates of this email stemming from it being cross posted.

I have been asked to investigate an Intrusion Detection/Prevention System. Could anyone that has knowledge of the following products give me the good, bad or the ugly concerning them. Reply to myself online or off line

If anyone would like a summary of the results please do not hesitate to ask.

NIDS:
Cisco Intrusion Detection Sensors Version 4.x
         4235, 4250
NAI Intrusion Prevention Sensors
         IntruShield 2600, 4000 (IntruVert)

HIPS:
Cisco Security Agent
Entercept

Management Systems:
Cisco VMS - VPN/Security Management System
NAI: ISM Security Management System.

Any thoughts would be appreciated.

Kim

2

kgraham@rogers.com writes on 11/13/2003 5:35 AM:

My apologies to anyone that receives duplicates of this email stemming from it being cross posted.

There was a recent network computing article that evaluated quite a lot of these. However, I'd suggest that you avoid NAI / Norton stuff for IDSs ..

3

See these articles, written in 2002:
http://www.nwfusion.com/techinsider/2002/0624security.html
http://www.nwfusion.com/columnists/2002/0916testerschoice.html

and in 2003:
http://www.nwfusion.com/reviews/2003/1013idsrev.html

jc