IDS mailing list archives
RE: Question on resources needed to manage IDSes
From: "Morse, Greg" <gmorse () trigeo com>
Date: Wed, 3 Dec 2003 12:57:23 -0800

I am a vendor with a SEM solution and therefore biased, but I believe if you automate the process you don't need to add additional staff to manage and respond to the alerts, IDS or otherwise.

SEM is like having Data from Star Trek programmed with all the info from your best person. Then he reads every event record in every log across your system, not just the IDS, processes it in real time, compares it to your policies and if you have an active response set, it will immediately take that active response to stop the attack. Then write the normalized info to the database for forensic analysis.

Just don't want you to think you have to keep building each car by hand when there is an automated assembly line available.

Greg Morse
Director of Business Development
Eastern Region
TriGeo Network Security, Inc.
Office: 1-866-664-9292 ext. 124
gmorse () trigeo com
www.trigeo.com

For Contego product information and white papers go to:
www.trigeo.com/publications.shtml