Educause Security Discussion mailing list archives
Re: Intrusion Detection Recommendations
From: Dean De Beer <ddb () PLAZACOLLEGE EDU>
Date: Tue, 9 Aug 2005 10:19:31 -0400
Mike, I'm not too sure of your budget but you might want to look at Radware's Defense Pro IPS. It is a pretty robust appliance. It has Gbit fiber and copper connectivity or you can have a combination of both. It uses signatures and I believe the latest also does anomaly detection. Has great high level, executive reports too for all the suits. :) We are also going to be looking at Sourcefire's 3D product. It's pretty impressive and is an easy transition for any Snort user. We are looking to have one of them complement our existing Snort setup. Cheers, Dean Dean De Beer Manager of Information Technology Plaza College Plaza College Way Jackson Heights NY 11372 Tel: (718) 779-1430 ext.115 -----Original Message----- From: Mike Radomski [mailto:Mike.Radomski () ITEC SUNY EDU] Sent: Tuesday, August 09, 2005 9:10 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Intrusion Detection Recommendations Hello, We are currently looking at different alternatives to our Snort implementation for and IDS. We currently run Snort+ACID on a SPAN port. It works well, but would like a more robust system that is capable of anomaly detection, flow analysis, etc. I am wondering what everyone uses for IDS/IPS? Do you use a combination of open source tools, a commercial software solution, or a commercial hardware solution? What are the advantages of your implementation? Disadvantages? Thanks! -- Mike Radomski SUNY - ITEC Information Technology Exchange Center Systems Programmer/Analyst E-mail: Mike.Radomski () itec suny edu Systems E-Mail: scsys () itec suny edu Phone: (716)878-4832 Cellular: (716)807-4040 Fax: (716)878-3485 PGP Public Key: http://www2.itec.suny.edu/~radomsmj/mradomski.asc There are only 10 types of people... Those who understand binary and those who don't.
Current thread:
- Intrusion Detection Recommendations Mike Radomski (Aug 09)
- <Possible follow-ups>
- Re: Intrusion Detection Recommendations Gibbs, Aaron M. (Aug 09)
- Re: Intrusion Detection Recommendations Gary Dobbins (Aug 09)
- Re: Intrusion Detection Recommendations Cebulski, John (Aug 09)
- Re: Intrusion Detection Recommendations wcon (Aug 09)
- Re: Intrusion Detection Recommendations Dean De Beer (Aug 09)
- Re: Intrusion Detection Recommendations Graham Toal (Aug 09)
- Re: Intrusion Detection Recommendations Jason Richardson (Aug 09)
- Re: Intrusion Detection Recommendations Wes Simons (Aug 09)
- Re: Intrusion Detection Recommendations John Kemp (Aug 09)
- Re: Intrusion Detection Recommendations Scott Genung (Aug 09)
- Re: Intrusion Detection Recommendations James Riden (Aug 09)
- Re: Intrusion Detection Recommendations Gary Flynn (Aug 12)