Educause Security Discussion mailing list archives
Re: IPS Solution
From: "Di Fabio, Andrea" <adifabio () NSU EDU>
Date: Tue, 5 Feb 2013 10:58:20 -0500
Jim, You have a very good point, but I am a firm believer in not putting all my eggs in one basket, and especially in trying to introduce new technology into my environment. PA brought us UID, and Application Awareness, which wasn't available in our ASA's. Additionally it brought features similar to FireEye, when we were demoing a FireEye box :) Overall, we were able to bring true new technology into our environment with budget that was allocated to replace our ASA's. Now that we have budget to replace our older TP IPS hardware, I am exploring solutions that can truly bring new IPS technology into the mix, if such new technologies exist and can augment what PA can do. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mayne, Jim Sent: Tuesday, February 05, 2013 10:35 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] IPS Solution Andrea, I am just curious. Since you are so happy with PA's IPS features, why are you still looking for dedicated IPS's instead of more PA's. What are they missing or what do you want to get from a dedicated IPS that you are not getting from your PA devices? We are also now looking for alternatives to TP and are leaning towards PA. Thanks, Jim From: The EDUCAUSE Security Constituent Group Listserv [ <mailto:SECURITY () LISTSERV EDUCAUSE EDU> mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Di Fabio, Andrea Sent: Tuesday, February 05, 2013 9:19 AM To: <mailto:SECURITY () LISTSERV EDUCAUSE EDU> SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] IPS Solution Here is my two cents, and I am hoping to stir up some good conversation with respect to IPS solutions. We haven been using TippingPoint for many year. After much testings, we recently deployed PaloAlto firewalls into production. I must say that am EXTREMELY impressed with the FW performance, ease of management, and suprisingly with its IPS feature and with WildFire. I feel as if we were almost blind with respect to IPS, and now we have gotten LASIK and we have gained much more visibility into what's going on on our network. I have been a proponent of TippingPoint ealy in the days, and I was very impressed with it, but I must say that TP is blind compared to PA. I feel they are lacking a bit behind. I understand that TP is for heavy duty IPS only, but what good is it, if it is almost blind? As we revisit our IPS solution again, we are are looking to find dedicated IPS hardware that comes close to the PA IPS features and visibility. Your feedback is very much appreciated and your point of view very helpful. We try to find solutions to augment our PA border firewalls with some dedicated IPS with 'better that 20/40 vision' :) From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Michael Horne Sent: Tuesday, February 05, 2013 8:39 AM To: SECURITY () LISTSERV EDUCAUSE EDU <mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: Re: [SECURITY] IPS Solution We have been running a PaloAlto for over a year and are very happy with it! From: The EDUCAUSE Security Constituent Group Listserv [ <mailto:SECURITY () LISTSERV EDUCAUSE EDU> mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of King, Ronald A. Sent: Monday, February 04, 2013 11:46 AM To: <mailto:SECURITY () LISTSERV EDUCAUSE EDU> SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] IPS Solution We are about to begin investigating IPS solutions for our environment. So far, we are considering Sourcefire and HP/TippingPoint (yes, we are aware of the problems since the acquisition). I would like to ask the group for their suggestions for a solution that could be used for a small to medium sized EDU with 10 gig backbone and 1 gig to the internet. If anyone would like to include their reasoning for their choice, that would be helpful to us. I would also like to state that any responses from corporate or reseller companies will automatically eliminate them from consideration. Thank you in advance. Ronald King Security Engineer Norfolk State University Marie V. McDemmond Center for Applied Research Suite 401 555 Park Ave. Norfolk, Virginia 23504 Phone: 757-823-3918 Fax: 757-823-2128 Email: <mailto:raking () nsu edu> raking () nsu edu <http://security.nsu.edu> http://security.nsu.edu
Attachment:
smime.p7s
Description:
Current thread:
- Re: IPS Solution, (continued)
- Re: IPS Solution Michael Horne (Feb 05)
- Re: IPS Solution Waddell, Stan Adolphus (Feb 05)
- Re: IPS Solution Di Fabio, Andrea (Feb 05)
- Re: IPS Solution Bradley, Stephen (Feb 05)
- Re: IPS Solution Roger A Safian (Feb 05)
- Re: IPS Solution O'Callaghan, Daniel (Feb 05)
- Message not available
- Re: IPS Solution Benjamin Parker (Feb 05)
- Re: IPS Solution Biddle, Rob (Feb 05)
- Re: IPS Solution Hall, Rand (Feb 06)
- Re: IPS Solution Michael Horne (Feb 05)
- Re: IPS Solution Mayne, Jim (Feb 05)
- Re: IPS Solution Di Fabio, Andrea (Feb 05)