IDS: COTS intrusion detectors

Endler, David S (David.S.Endlerusa.xerox.com)
Thu, 09 Sep 1999 05:57:35 -0400

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Marcus J. Ranum: "Re: IDS: COTS intrusion detectors"
• Previous message: Philip S Holt / Security Engineering: "Re: IDS: Introduction ..."
• Next in thread: Robert Graham: "Re: IDS: COTS intrusion detectors"
• Reply: Robert Graham: "Re: IDS: COTS intrusion detectors"

FAQ: See http://www.ticm.com/kb/faq/idsfaq.html
IDS: See http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems... email questions to ids-owneruow.edu.au
NOTE: Remove this section from reply msgs otherwise the msg will bounce.
SPAM: DO NOT send unsolicted mail to this list.
USUBSCRIBE: email "unsubscribe ids" to majordomouow.edu.au
---------------------------------------------------------------------------

---
Hi all,
	I'm interested if anyone could share their opinions and experience
(bad and good) with this mailing list and compare/praise/flame the following
COTS ID solutions in an enterprise setting.  
Network Associates Cybercop Monitor
ISS Real Secure 
ODS Networks CMDS
Axent Intruder Alert/Net Prowler
Cisco Netranger
It seems they each claim close to the same thing of monitoring both host
data (except netranger) and network traffic. I'm interested in enterprise
wide solutions (addressing hosts and networks) with nice GUI
monitoring/reporting etc. so have purposely left out NFR. 
Please share yout thoughts, thanks.
			-dave
----
David Endler
Xerox Corporate Information Security
David.S.Endlerusa.xerox.com

• Next message: Marcus J. Ranum: "Re: IDS: COTS intrusion detectors"
• Previous message: Philip S Holt / Security Engineering: "Re: IDS: Introduction ..."
• Next in thread: Robert Graham: "Re: IDS: COTS intrusion detectors"
• Reply: Robert Graham: "Re: IDS: COTS intrusion detectors"

This archive was generated by hypermail 2.0b3 on Thu Sep 09 1999 - 19:03:39 CDT