Security Basics mailing list archives
Re: UTM - Unified Threat Management system
From: "Saqib Ali" <docbook.xml () gmail com>
Date: Wed, 15 Mar 2006 11:28:07 -0800
That's a good idea to do something in inside network, but i think signature-based sensors are too passive, could there be a better solution?
You can try Anomaly Detection IDS. IDS Methods of Operation: Pattern Matching: Signature based [Default Allow, less secure] Anomaly Detection: Learning based [Default Deny, more secure] Protocol Behaviour: Determines normal traffic based on RFC. -- Saqib Ali, CISSP http://www.xml-dev.com/blog/ "I fear, if I rebel against my Lord, the retribution of an Awful Day (The Day of Resurrection)" Al-Quran 6:15 --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- UTM - Unified Threat Management system Alice Bryson (Mar 06)
- Re: UTM - Unified Threat Management system Saqib Ali (Mar 08)
- Re: UTM - Unified Threat Management system sheeponhigh (Mar 13)
- Re: UTM - Unified Threat Management system Saqib Ali (Mar 13)
- Re: UTM - Unified Threat Management system Mario Platt (Mar 14)
- Re: UTM - Unified Threat Management system Alice Bryson (Mar 15)
- Re: UTM - Unified Threat Management system Saqib Ali (Mar 16)
- Re: UTM - Unified Threat Management system sheeponhigh (Mar 13)
- Re: UTM - Unified Threat Management system Saqib Ali (Mar 08)