expert? (was: Re: Network IDS

["James W. Meritt" <meritt_james () bah com>]

Is it not the case that you (generic 'you' refers to IT advanced IT
employee) are better with your network and your specific problem than
the ones you are likely to get if you call?

"Good, fast, cheap - pick two" sign on wall

Jim

Duston Sickler wrote:
> Snort was my first recommendation.  However the Network Administrator is of
> the attitude that free software = cheap or lower class software.  He also
> didn't like the fact the there was no tech support we could call.
>
> Duston Sickler
> CompTIA A+ Certified
> "Cedo nulli."
> ----- Original Message -----
> From: "smyrum" <smyrum () bresnan net>
> To: "'Duston Sickler'" <dustons () charter net>
> Sent: Saturday, August 16, 2003 12:05 PM
> Subject: RE: Network IDS
>
> > Not certain if you consider Snort with an ACID interface to be a *nix
> > solution.  It does work the work it's intended to do with a great deal
> > of flexibility on the user's part.  Packet sniffing can be tuned to suit
> > your needs.  We use it on a Class B network and I doubt that you could
> > find a better product.  It is not a plug and play solution, but neither
> > is network security.
> >
> > -----Original Message-----
> > From: Duston Sickler [mailto:dustons () charter net]
> > Sent: Friday, August 15, 2003 11:30 AM
> > To: security-basics () securityfocus com
> > Subject: Network IDS
> >
> > Hello,
> >
> > I would like to thank in advance everyone who is out of the office.  I
> > really do like to hear about it.
> >
> > The Network Administrator for the company I work for has charged me to
> > locate a Network Intrusion Detection System.  We do have a monitored
> > firewall between us and the outside world.  We need something to protect
> > our
> > servers from anyone coming from the inside.  We have about 20 Windows
> > 2000
> > Servers, 5 NT 4 Servers, and 250 Windows 2000/Thin Net workstations.
> >
> > We live in a 100% Windows world and the powers that be will not be
> > receptive
> > to any *nix solutions.  We are more the willing to pay for a top of the
> > line
> > product as long is it is in fact top of the line.
> >
> > Currently I have been looking at the Symantec Gateway Device.  We like
> > the
> > idea of a stand alone piece of hardware.  The only problem is we already
> > have a gateway server washing our email of viruses and 99% of Spam.
> >
> > Does anyone have any comments on the Symantec Gateway device?  We have
> > had
> > excellent experiences with there Gateway software and NAV Corp.  Does
> > anyone
> > have a different or better device that they could point me towards?
> >
> > I would like to thank everyone who replies to this post.  I have learned
> > a
> > great deal being on this list the last year and will continue to
> > appreciate
> > all the expertise that is freely given here.
> >
> > Duston Sickler
> > CompTIA A+ Certified
> > "Cedo nulli."
> >
> >
> > ------------------------------------------------------------------------
> > ---
> > ------------------------------------------------------------------------
> > ----
> >
> > ---
> > Incoming mail is certified Virus Free.
> > Checked by AVG anti-virus system (http://www.grisoft.com).
> > Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003
> >
> >
> > ---
> > Outgoing mail is certified Virus Free.
> > Checked by AVG anti-virus system (http://www.grisoft.com).
> > Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003
>
> ---------------------------------------------------------------------------
> ----------------------------------------------------------------------------

---------------------------------------------------------------------------
----------------------------------------------------------------------------