IDS mailing list archives

RE: Best IPS system?

From: "OSTERWALD, PAUL (ATTCLSMA)" <PO9138 () att com>
Date: Tue, 13 May 2008 09:36:42 -0700

Shelly, Kevin,

AirTight is great and I have already chimed in on my thoughts about
Sourcefire.  If you are going wireless as well I'd also look at AirMagnet
another great wireless vendor.

Paul Osterwald
Senior Consultant
Security & Advanced Infrastructure
AT&T Consulting
714-679-1884 (C)
714-288-2748 (O)

Connect people with their world - 
EVERYWHERE THEY LIVE AND WORK -         
and do it better than anyone else.  

Confidential: This e-mail and any files transmitted with it are the property
of AT&T and/or its affiliates, are confidential, and are intended solely for
the use of the individual or entity to whom this e-mail is addressed.  If
you are not one of the named recipient (s) or otherwise have reason to
believe that you have received this message in error, please notify the
sender at 714-679-1884 or 714-288-2748 and delete this message immediately
from your computer.  Any other use, retention, dissemination, forwarding,
printing, or copying of this e-mail is strictly prohibited.

 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Kevin Reiter
Sent: Monday, May 12, 2008 1:44 PM
To: focus-ids () securityfocus com
Cc: Shelly Beasley
Subject: RE: Best IPS system?

listbounce () securityfocus com wrote:
::: -----Original Message-----
::: From: listbounce () securityfocus com
::: [mailto:listbounce () securityfocus com] On Behalf Of Shelly Beasley
::: Sent: Wednesday, May 07, 2008 3:01 PM
::: To: focus-ids () securityfocus com
::: Subject: Best IPS system?
::: 
::: Hello mailing list,
::: 
::: I would like to buy the "best" system available to the IPS
::: network of my business. My company has only 200 users, all
::: share an Internet connection (10 m). We now use Sonicwall to
::: connect, but we are concerned about the hostile e-mails,
::: malware websites, and people in piracy. Who produces the best
::: job? Which is most capture hacker attempts? The product
::: should not interfere with operations on the network (all
::: connection is filled by the backup off-site at nite).
: 
: On Thu, May 8, 2008 1:09 pm, Andrew Plato wrote:
:: That's a SUPER-loaded question. There is no easy answer. And I
:: guarantee you will get a wide array of answers and arguments.
:: Questions like yours evoke intense emotional responses from some
:: people. 
: 
: The man speaks the truth here :-)
: 
: <snip>
:: That said, this is what I would recommend (I am sure it will deeply
:: and profoundly offend some people, it always does):
:: 
:: For UTM:
:: Fortinet
:: WatchGuard
:: Juniper SSG
:: 
:: For stand alone IPS:
:: TippingPoint
:: Juniper
:: ISS
: <snip>
: 
: My two cents: ISS is atrocious. I can't stress that enough. I'm
: anxious to see if IBM's purchase helps or hinders their product line.
: 
: TippingPoint and Sourcefire have the best IPSs with the smartest team
: of engineers behind them. These folks actually have some passion for
: their product, just not a great marketing team with glossy brochures.
Never
: had a problem with them. ISS products on the other hand, failed often,
: didn't perform well and had terrible customer service.
: 
: As Andrew said, get some demos. Everyone in this market is itching to
: get these things in your hands. Some will even stop by, hook it up and
: show you. Take advantage and choose wisely.

We just had a demo from Sourcefire (traditional IDS/IPS) and AirTight
(wireless IPS), and just bought the equipment when the demo was over.  We
had a 5-month demo with Sourcefire that was originally scheduled for 30
days, but we wanted to thoroughly test the system, and their take on it was,
basically, "..test it as long as you want to..."

Support from both vendors is top-notch, both during and after the demo.
Weekly webex meetings to make sure all our questions were answered, access
to 24x7 support during the demo, and even onsite engineers to help us get
everything setup specifically for our environment AT NO CHARGE.

Again, this is just my experience with these 2 companies - you might hear
different from others.

-Kevin

This message may contain confidential or proprietary information and is
intended solely for the individual(s) to whom it is addressed.  If you are
not a named addressee you should not disseminate, distribute or copy this
e-mail or act upon the information contained herein.  Please notify the
sender immediately by e-mail if you have received this e-mail by mistake and
delete this e-mail from your system.


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE
IMPACT.
Go to
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=in
tro_sfw
to learn more.
------------------------------------------------------------------------

Attachment: smime.p7s
Description:

Current thread:

Best IPS system? Shelly Beasley (May 08)
- RE: Best IPS system? Andrew Plato (May 08)
  - RE: Best IPS system? Randal T. Rioux (May 12)
    - RE: Best IPS system? Paul Schmehl (May 12)
    - RE: Best IPS system? Kevin Reiter (May 13)
    - RE: Best IPS system? OSTERWALD, PAUL (ATTCLSMA) (May 13)
- RE: Best IPS system? Basem Barakat (May 08)
  - Message not available
    - Re: Best IPS system? Farrukh Haroon (May 09)
- Re: Best IPS system? Olli-Pekka Niemi (May 15)
- Re: Best IPS system? p1g (May 20)
  - Re: Best IPS system? Randal T. Rioux (May 21)