Security Basics mailing list archives
Re: IPS vs Firewall
From: "Cutequyz" <sonicely () cbn net id>
Date: Wed, 5 May 2004 17:53:12 +0700
nop. you wouldn't get a good report for ips. anyway, it gonna to be single device of failure and the firewall fail, the whole network become shutdown. if this is the case, why you spend your money to it? another thing, the interface should be invisible (can't be ping adn detected by port/ip scanner, even from your inside) take a look at scmagazine.com and see what expert see in a good ips. ----- Original Message ----- From: "Manoj Kumar Neelapareddy" <manojkreddyutl () yahoo com> To: <security-basics () securityfocus com> Sent: Monday, May 03, 2004 4:06 PM Subject: RE: IPS vs Firewall
I would suggest you to use an all in one box which has FW, IPS built into it. best example of such a solution is iPolicy Network's ipEnforcer 3100/3400. it has FW, IDS, IPS, URL screener, NAT built into one box. iPolicy networks can be reached at www.ipolicynet.com thank u manoj --- sonicely () cbn net id wrote:I think it's the best way to put an IPS on the WAN and the LAN at the same time. NAI IPS Intruvert can do multi-rules on different VLAN or even the port. The reason that you need to put that in both side, is to figure out whether an intrusion has been successfully go in to the servers inside you LAN/DMZ. An if somebody from the inside want to play around with your DMZ, you will know it where it came from. If you put the IPS outside of the Firewall, sometimes you got an attack that already NAT-ed and you can't know in 1 seconds who is he really. Please correct me if I'm wrong. rgds,If you put the IPS outside of the firewall then beprepared for somemassive amounts of logs! I currently have asimilar setup and just the rawnumber of people setting out there running nessusand other tools quicklyfilled my logs up. I have since tuned the box andnow recieve a decentamount of logs but i am wondering if it stilldoing me any good in ahighly tuned state? my original idea was to put itoutside the firewall soi could see everything that is hitting thefirewall, but this just isntpossible in my setup. -----Original Message----- From: Benny Late [mailto:lvmygop () hotmail com] Sent: Tuesday, April 27, 2004 3:16 PM To: security-basics () securityfocus com Subject: IPS vs Firewall List, I am to give a presentation concerning IPS vs. IDSand why we have decidedto implement an IPS solution. I have stuff abouteach of those, but mybig problem is going to come from my LAN/WAN group.Because I've decided toplace the IPS outside the firewall, they havealready moaned about it andI know they're going to bring up why we need IPS vs.Firewall. I have stuffabout what firewalls don't look for or do comparedto IPS.My question is, how would you go about showingthat firewalls or BigIProuters can be attacked directly? For those ofyou concidering IPS, canyou impart any of the knowledge gained by implementingyour solutions?Many thanks, Benny_________________________________________________________________From must-see cities to the best beaches, plan agetaway with the SpringTravel Guide!http://special.msn.com/local/springtravel.armx--------------------------------------------------------------------------
-
Ethical Hacking at the InfoSec Institute. Mentionthis ad and get $545 offany course! All of our class sizes are guaranteedto be 10 students orless to facilitate one-on-one interaction with one ofour expert instructors.Attend a course taught by an expert instructorwith years of in-the-fieldpen testing experience in our state of the arthacking lab. Master theskills of an Ethical Hacker to better assess the securityof your organization.Visit us at:http://www.infosecinstitute.com/courses/ethical_hacking_training.html--------------------------------------------------------------------------
--
--------------------------------------------------------------------------
-
Ethical Hacking at the InfoSec Institute. Mentionthis ad and get $545 offany course! All of our class sizes are guaranteedto be 10 students orless to facilitate one-on-one interaction with one ofour expert instructors.Attend a course taught by an expert instructorwith years of in-the-fieldpen testing experience in our state of the arthacking lab. Master theskills of an Ethical Hacker to better assess the securityof your organization.Visit us at:http://www.infosecinstitute.com/courses/ethical_hacking_training.html--------------------------------------------------------------------------
--
--------------------------------------------------------------------------
-
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at:http://www.infosecinstitute.com/courses/ethical_hacking_training.html--------------------------------------------------------------------------
--
__________________________________ Do you Yahoo!? Win a $20,000 Career Makeover at Yahoo! HotJobs http://hotjobs.sweepstakes.yahoo.com/careermakeover --------------------------------------------------------------------------
-
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or
less
to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html --------------------------------------------------------------------------
--
--------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- RE: IPS vs Firewall Manoj Kumar Neelapareddy (May 03)
- Re: IPS vs Firewall Cutequyz (May 06)
- Re: IPS vs Firewall Ansgar -59cobalt- Wiechers (May 10)
- <Possible follow-ups>
- RE: IPS vs Firewall Shawn Jackson (May 13)
- Re: IPS vs Firewall Cutequyz (May 06)