Educause Security Discussion mailing list archives

Re: TippingPoint and Cisco IDSM2 IPS offerings (cross-posted to NETMAN)

From: Eric Van Wiltenburg <vanwilt () UVIC CA>
Date: Mon, 30 Aug 2004 09:19:16 -0700

David,

I evaluated the appliance version of the Cisco product in January, which
is almost the same as the IDSM blade.  Features may have changed since
then.

There were two things that I really didn't like about it:
 - the management interface is horrible
 - it cannot run in 'inline' mode, meaning prevention capabilities are
limited

I've recently installed the NAI/McAfee IntruShield 4000 at our campus
edge.  Other models, like the 2600, are being considered for
departmental applications.  As I become more comfortable putting rules
in blocking (as opposed to detection) mode, I'm finding this device
extremely valuable and effective.

Three things I really liked about this product:
        - throughput is 2Gb/s, important when connecting to external
research networks (ie I2, CA*net, etc)
        - management interface is decent
        - runs in inline mode

We can discuss in more detail via unicast if you wish.

Eric van Wiltenburg
Senior Network Security Analyst
UVic Network Services
vanwilt () uvic ca
250.472.5204
 

-----Original Message-----
From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Skrdla, David
Sent: Saturday, August 28, 2004 1:22 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] TippingPoint and Cisco IDSM2 IPS offerings
(cross-posted to NETMAN)

(This message has been cross-posted to NETMAN () LISTSERV EDUCAUSE EDU) 

Oklahoma State University is considering solutions for intrusion
prevention, IDS, and rate limiting on our network.  We have evaled a
Tippingpoint UnityOne device and were intially pleased.  We have also
been asked to consider a Cisco IDSM2 module in a 650x chassis for IPS
abilities.

Has anyone used either of these solutions who could share your insight
and experience of the effectiveness and value of these devices (or
others)?

Thank you,

David Skrdla
Network Security Analyst
Systems Security Office
IT/Technology Operations
Oklahoma State University
Ph. 405-744-7806

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.

Current thread:

TippingPoint and Cisco IDSM2 IPS offerings (cross-posted to NETMAN) Skrdla, David (Aug 28)
- <Possible follow-ups>
- Re: TippingPoint and Cisco IDSM2 IPS offerings (cross-posted to NETMAN) chris Allison (Aug 29)
- Re: TippingPoint and Cisco IDSM2 IPS offerings (cross-posted to NETMAN) Ray Lombardi (Aug 29)
- Re: TippingPoint and Cisco IDSM2 IPS offerings (cross-posted to NETMAN) Scott Genung (Aug 29)
- Re: TippingPoint and Cisco IDSM2 IPS offerings (cross-posted to NETMAN) Eric Van Wiltenburg (Aug 30)