IDS mailing list archives
Host-Based Intrusion Detection/Prevention. Which will you select? (Requirements within)
From: mark12_30 () hotmail com
Date: 15 Jul 2005 08:20:21 -0000
Hello, I'm interested in the general feel from people about what should be used in the following scenario: - Large corporation (4000+ servers) - Looking for Host-Based IDS/IPS for key servers - Established 24x7 monitoring team - Solution has to pick up common exploits (Buffer Overruns & API calls etc) - Has large, established network IDS - Only deploying on windows win2k & 2003 servers (web, email, app, db etc) - Conservative windows server management group - Implementing point solution SIEM (eg arcsight etc) Given the above situation, what would you recomment? I understand from a lot of research that HIPS is gathering momentum. Any thoughts would be great, esp suggestions on products Thank you -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
Current thread:
- Host-Based Intrusion Detection/Prevention. Which will you select? (Requirements within) mark12_30 (Jul 15)
- Re: Host-Based Intrusion Detection/Prevention. Which will you select? (Requirements within) Mark Teicher (Jul 18)
- <Possible follow-ups>
- RE: Host-Based Intrusion Detection/Prevention. Which will you select? (Requirements within) Brunner, Mark (Jul 17)
- RE: Host-Based Intrusion Detection/Prevention. Which will you select? (Requirements within) Andrew Plato (Jul 17)
- Message not available