IDS mailing list archives
Re: Network IDS
From: José Joaquín <jostein_svq () hotmail com>
Date: Wed, 20 Aug 2003 08:42:01 +0200
Hi there!Have a look at ISS products: network sensor and 'new-brand' proventia (www.iss.net). It may help you to decide that we are already using an ISS solution to protect our network from the outside world since a year ago, and it really works.
Taking into account your starting point,I reccomend you to install a network sensor on a dedicated Windows NT/2000 (if it is the only sensor, you can install all architectural components on it) with 2 NIC's: one attached to your inside network (for managing purposes) and the other one sniffing the traffic (in stealth mode) in front of your firewall.
Kind regards, Jose Joaquin.
From: "Duston Sickler" <dustons () charter net> To: <focus-ids () securityfocus com> Subject: Network IDS Date: Sat, 16 Aug 2003 10:48:02 -0500 Hello, I would like to thank in advance everyone who is out of the office. I really do like to hear about it. The Network Administrator for the company I work for has charged me to locate a Network Intrusion Detection System. We do have a monitoredfirewall between us and the outside world. We need something to protect ourservers from anyone coming from the inside. We have about 20 Windows 2000 Servers, 5 NT 4 Servers, and 250 Windows 2000/Thin Net workstations.We live in a 100% Windows world and the powers that be will not be receptive to any *nix solutions. We are more the willing to pay for a top of the lineproduct as long is it is in fact top of the line. Currently I have been looking at the Symantec Gateway Device. We like the idea of a stand alone piece of hardware. The only problem is we already have a gateway server washing our email of viruses and 99% of Spam. Does anyone have any comments on the Symantec Gateway device? We have hadexcellent experiences with there Gateway software and NAV Corp. Does anyonehave a different or better device that they could point me towards? I would like to thank everyone who replies to this post. I have learned a great deal being on this list the last year and will continue to appreciate all the expertise that is freely given here. Duston Sickler CompTIA A+ Certified "Cedo nulli." --------------------------------------------------------------------------- Captus Networks - Integrated Intrusion Prevention and Traffic Shaping - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Automatically Control P2P, IM and Spam Traffic - Ensure Reliable Performance of Mission Critical Applications Precisely Define and Implement Network Security and Performance Policies **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo Visit us at: http://www.captusnetworks.com/ads/31.htm ---------------------------------------------------------------------------
_________________________________________________________________Charla con tus amigos en línea mediante MSN Messenger: http://messenger.microsoft.com/es
---------------------------------------------------------------------------Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the worldÂs premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symanetc is the Diamond sponsor. Early-bird registration ends September 6 Visit: www.blackhat.com
---------------------------------------------------------------------------
Current thread:
- Re: Network IDS, (continued)
- Re: Network IDS Frank Knobbe (Aug 28)
- Re: Network IDS Mark Teicher (Aug 28)
- Re: Network IDS Frank Knobbe (Aug 28)
- Re: Network IDS Andreas Krennmair (Aug 25)
- Re: Network IDS Barry Fitzgerald (Aug 26)
- Re: Network IDS Gary Flynn (Aug 21)
- RE: Network IDS Steffen Kluge (Aug 25)
- Re: Network IDS Joel Snyder (Aug 26)
- Re: Network IDS Andreas Krennmair (Aug 26)
- RE: Network IDS Frank Knobbe (Aug 28)
- RE: Network IDS Mark Teicher (Aug 28)
- Re: Network IDS Stephen P. Berry (Aug 29)