Re: Network IDS

[Gary Flynn <flynngn () jmu edu>]

Robert.Lupo () nokia com wrote:


> I have seen time and time again people buying a product, getting vendor training and then viewing the logs and thinking "wo 
> ho! I have IDS!" but do you know how to write your own rules, signatures, analyze the traffic for what your company needs?
> Before you go and buy any product, you should get yourself properly trained, then view the products and figure out what 
> is going to best suit your needs.

I don't think a product like this should be purchased without hands-on
eval time. Sales demos are staged and most literature (technical and
otherwise) won't give you the information you need about a product
to make a wise decision.

--
Gary Flynn
Security Engineer - Technical Services
James Madison University

Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/runsafe


---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world’s premier 
technical IT security event.  Modeled after the famous Black Hat event in 
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.  
Symanetc is the Diamond sponsor.  Early-bird registration ends September 6 Visit: www.blackhat.com
---------------------------------------------------------------------------