Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > IDS-list> 1999-q4

IDS Archives: IDS: RE: COTS intrusion detectors

IDS: RE: COTS intrusion detectors

Bawcom, Aaron (Aaron_Bawcomnai.com)
Thu, 9 Sep 1999 09:51:46 -0700

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Next message: Robert Graham: "Re: IDS: COTS intrusion detectors"
Previous message: Marcus J. Ranum: "Re: IDS: COTS intrusion detectors"
Next in thread: Dug Song: "Re: IDS: RE: COTS intrusion detectors"
Reply: Dug Song: "Re: IDS: RE: COTS intrusion detectors"

FAQ: See http://www.ticm.com/kb/faq/idsfaq.html
IDS: See http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems... email questions to ids-owneruow.edu.au
NOTE: Remove this section from reply msgs otherwise the msg will bounce.
SPAM: DO NOT send unsolicted mail to this list.
USUBSCRIBE: email "unsubscribe ids" to majordomouow.edu.au
---------------------------------------------------------------------------

--- What I find highly intriguing is the fact that this person has specifically stated "with nice GUI". When different IDS products are benchmarked and compared against each other, the reviewer will usually include what they believe is important rather than what users really want. In some product reviews that I've seen, the reviewer does not believe that a GUI is important.

The best way to find which IDS suits your needs is to try the products out in your environment and see for yourself which ones meet your needs. Most products have an evaluation version which you can install and try out in your environment.

-----Original Message----- From: Endler, David S [mailto:David.S.Endlerusa.xerox.com] Sent: Thursday, September 09, 1999 2:58 AM To: idsuow.edu.au Subject: IDS: COTS intrusion detectors

FAQ: See http://www.ticm.com/kb/faq/idsfaq.html IDS: See http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html HELP: Having problems... email questions to ids-owneruow.edu.au NOTE: Remove this section from reply msgs otherwise the msg will bounce. SPAM: DO NOT send unsolicted mail to this list. USUBSCRIBE: email "unsubscribe ids" to majordomouow.edu.au ---------------------------------------------------------------------------

--- Hi all, I'm interested if anyone could share their opinions and experience (bad and good) with this mailing list and compare/praise/flame the following COTS ID solutions in an enterprise setting.

Network Associates Cybercop Monitor ISS Real Secure ODS Networks CMDS Axent Intruder Alert/Net Prowler Cisco Netranger

It seems they each claim close to the same thing of monitoring both host data (except netranger) and network traffic. I'm interested in enterprise wide solutions (addressing hosts and networks) with nice GUI monitoring/reporting etc. so have purposely left out NFR.

Please share yout thoughts, thanks.

-dave

---- David Endler Xerox Corporate Information Security David.S.Endlerusa.xerox.com

Next message: Robert Graham: "Re: IDS: COTS intrusion detectors"
Previous message: Marcus J. Ranum: "Re: IDS: COTS intrusion detectors"
Next in thread: Dug Song: "Re: IDS: RE: COTS intrusion detectors"
Reply: Dug Song: "Re: IDS: RE: COTS intrusion detectors"

This archive was generated by hypermail 2.0b3 on Fri Sep 10 1999 - 01:10:57 CDT