Re: Help in evaluating Inline IDS/IPS solution

[Stephen Samuel <samuel () bcgreen com>]

Ravi wrote:

>      From sensor technology perspective, I find that all the vendors 
> seems to be having
>      similar capabilities. But, I am trying to see the continued support 
> on new attacks
>      and vulnerabilities found.
>      One vendor claims that they have 5 dedicated analysts looking at 
> the vulnerabilities
>      and updating signatures (if needed). Another vendors claims that 
> they have more
>      than 20 analysts doing this job. Can this be considered in my eval? 
> Is it that other
>      vendor exaggerating the number of resources they have for this job.

All things being equal, 20 analysts are likely to be better than 5.
On the other hand, 5 really skilled analysts with a good support
structure, tools and communication are going to do a better job than
20 beginners with loose communications, low morale and other duties.

If you can get a chance to actually talk to analysts from the two
companies, you should be able to get a sense of what end of the
quality scale the two groups are. That will make more sense of
the quantitative analysis.

--
Stephen Samuel +1(604)876-0426                samuel () bcgreen com
                   http://www.bcgreen.com/~samuel/
Powerful committed communication, reaching through fear, uncertainty and
doubt to touch the jewel within each person and bring it to life.


-------------------------------------------------------------------------------
INTRUSION PREVENTION: READY FOR PRIME TIME?

IntruShield now offers unprecedented Intrusion IntelligenceTM capabilities 
- including intrusion identification, relevancy, direction, impact and analysis 
- enabling a path to prevention.

Download the latest white paper "Intrusion Prevention: Myths, Challenges, and Requirements" at: 
http://www.securityfocus.com/IntruVert-focus-ids2
-------------------------------------------------------------------------------