IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Re: How to choose an IDS/FW MSS provider

From: Kevin <kkadow () gmail com>
Date: Fri, 11 Mar 2005 01:03:20 -0600
On Thu, 10 Mar 2005 16:28:57 +0000, buineach <securesolutions () gmail com> wrote:

Stephane
What is an appliance these days !!
Answer: everything
What is a checkpoint fw
Answer a dell pc running linux

What are most IPS, If you look past the appliance label you will find
a Linux kernel/OS.
So what does this run on, a central cpu I think you will find.


Cue MJR's "appliance rant #1".

OTOH, not every "appliance" product runs Linux,
and not every "appliance" is a PC with fancy stickers,
there are a few good products based on ASICs.

And there are products like Intrushield, which are known to
use Linux/LGPL code and also boast about the high
performance of "ASIC based appliance" IPS.



I think you will admit that the technology used  by IDS vendors is
almost the same as the appliance IPS  they now promote.


Some IPS vendors call this a feature, others have move beyond their 
IDS products.



My problem really is that they are promoting this technology
 for  inline protection when they can so easily become the main
 bottlenech in any network.


I gather you've been reading Sun Tzu?


Kevin Kadow

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: