IDS mailing list archives
RE: Changes in IDS Companies?
From: Karl Lynn <klynn () stackheap org>
Date: Wed, 16 Oct 2002 19:35:02 +0000 (GMT)
IDS's have been using reactive measures for some time now (Send RST packets, reconfiguration of firewalls..etc..etc). This usually isn't a function that the vendor will have configured out of the box but the technology has been there. I think I would have to agree with Marty on this one, I like the layered effect as opposed to one device handling the work and load of many. I also agree that the method of IPS has not been addressed at all angles such as bandwidth, false-positive rates, but most importantly the impact of the false-positive. Since your IPS is basically interacting with firewalls, sending RST packets, or even doing the blocking itself. I'd like to see the IDS evolve into a more interacting product which works with multiple security devices within the network like firewalls, routers, vulnerability scanners..etc..etc The last thing I want is something that got pushed out the door cause of "buzz word bingo". Not to say its a bad idea or anything but get the IDS down right then lets talk IPS. -Karl On Tue, 15 Oct 2002, J. Foobar wrote:
I remember reading an article on SF a year or more ago entitled "The Future of IDS" or something to that effect, wherein the author predicted the demise of separate NIDS and HIDS to be replaced with reactive all-encompassing systems relying on a few carefully placed network monitors and aggressively reactive host-based systems. Was he right? --- Avi Chesla <avic () V-Secure com> wrote:I totally agree with you. Next generation IDS ,also being called Intrusion Prevention Systems or Perimeter Security devices are the next step in the evolution of the Traditional Intrusion Detection Systems. Vendors such as Intruvert, Tipping point , Vsecure Technologies , Lancope, Forescout , TopLayer (Mitigator) etc, are example of some. All these vendors claim to have an Intrusion Prevention Systems which usually has some kinds of Adaptive capabilities, they do behavioral and protocol analysis and do not based on attack signature (most of them) , they sit in-line (most of them), they mitigate attack without be depended in other products to do the blocking... Best Regards, Avi Chesla Director of Research Vsecure Technoliges, Inc. www.v-secure.com -----Original Message----- From: Samuel Cure [mailto:scure () netpierce net] Sent: Monday, October 14, 2002 10:54 PM To: focus-ids () securityfocus com Subject: Changes in IDS Companies? Just noticing some changes with some known IDS companies and wanted some feedback from the community. Because Marcus Ranum left NFR earlier this year and Ron Gula has left Enterasys Networks, I am questioning the future of some early-on IDS companies. I mentioned some time ago that the IDS market will eventually consolidate and it seems like things are moving in that direction. To further enforce my point, word on the street is TippingPoint is now seeking for someone to buy them out. Does anyone else have anything that could help validate this or these types of trends in IDS companies? Thanks in advance! ------------------- Samuel J. Cure Security Specialist NetPierce Security Services www.netpierce.net -------------------__________________________________________________ Do you Yahoo!? Faith Hill - Exclusive Performances, Videos & More http://faith.yahoo.com
Current thread:
- Changes in IDS Companies? Samuel Cure (Oct 14)
- <Possible follow-ups>
- RE: Changes in IDS Companies? Avi Chesla (Oct 15)
- Re: Changes in IDS Companies? Martin Roesch (Oct 16)
- Re: Changes in IDS Companies? scottw (Oct 16)
- Re: Changes in IDS Companies? Aaron Turner (Oct 16)
- RE: Changes in IDS Companies? Rob Shein (Oct 23)
- Re: Changes in IDS Companies? Aaron Turner (Oct 23)
- Re: Changes in IDS Companies? Martin Roesch (Oct 16)
- RE: Changes in IDS Companies? J. Foobar (Oct 16)
- RE: Changes in IDS Companies? Karl Lynn (Oct 16)
- RE: Changes in IDS Companies? Chris Petersen (Oct 16)
- Re: Changes in IDS Companies? roy lo (Oct 16)
- RE: Changes in IDS Companies? Oliver Petruzel (Oct 17)
- RE: Changes in IDS Companies? Mike Shaw (Oct 18)
- Re: Changes in IDS Companies? Frank Knobbe (Oct 18)
- Re: Changes in IDS Companies? Raistlin (Oct 31)
- Re: Changes in IDS Companies? Scott Wimer (Oct 31)