IDS mailing list archives
Re: Help in evaluating Inline IDS/IPS solution
From: Lance Spitzner <lance () honeynet org>
Date: Thu, 5 Jun 2003 09:04:02 -0500 (CDT)
On Thu, 5 Jun 2003, Ravi wrote:
Hi,
My company plans to resell the Network Inline IDS/IPS solution to
our customers and support
customer. I was given task of evaluation of different solutions in
the market. There are some
questions asked by our customers and I would like to keep these in
mind while
evaluating the IDS solutions.
You may want to start with snort-inline. This is not a commercial
version, but an OpenSource solution based on Snort. The advantage is
you have access to both the source code and signauture/rules. Also,
correct me if I'm wrong, but I believe that snort-inline is the only
IPS solution that not only can block attacks, but modify/disable
them. Would be interested to know if any commercial versions suppport
this functionality.
http://snort-inline.sf.net
lance
-------------------------------------------------------------------------------
INTRUSION PREVENTION: READY FOR PRIME TIME?
IntruShield now offers unprecedented Intrusion IntelligenceTM capabilities
- including intrusion identification, relevancy, direction, impact and analysis
- enabling a path to prevention.
Download the latest white paper "Intrusion Prevention: Myths, Challenges, and Requirements" at:
http://www.securityfocus.com/IntruVert-focus-ids2
-------------------------------------------------------------------------------
Current thread:
- Help in evaluating Inline IDS/IPS solution Ravi (Jun 04)
- Re: Help in evaluating Inline IDS/IPS solution Stephen Samuel (Jun 05)
- Re: Help in evaluating Inline IDS/IPS solution Lance Spitzner (Jun 05)
- RE: Help in evaluating Inline IDS/IPS solution Brian Laing (Jun 05)
- Re: Help in evaluating Inline IDS/IPS solution Srinivasa Rao Addepalli (Jun 06)
- Re: Help in evaluating Inline IDS/IPS solution SecurityFocus (Jun 09)
- <Possible follow-ups>
- RE: Help in evaluating Inline IDS/IPS solution Golomb, Gary (Jun 05)