hoaivan
asked on
compare current Intrusion Detection System !
there's many IDS: snort, Cisco IDS, RealSecure, NetProwler, Dragon, etc...
please experts, tell me their features; comparing their abilities, their strengths, their weakness.
thanks.
please experts, tell me their features; comparing their abilities, their strengths, their weakness.
thanks.
ASKER
i just do some researches on IDS, not for choosing which product to buy/use.
and i wanna have a perspective of ids products.
and i wanna have a perspective of ids products.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
sounds like a very general question. So: do you have any problems keying in IDS in yur favorite search engine?
Or what else do you expect as answer?
Or what else do you expect as answer?
It's a forensics tool, and although a very useful part of the security picture, it won't actually prevent intrusions without weeks worth of tuning and false positive removal... and even then, I would not trust an IDS with upstream ACL modification and TCP reset ability not to do anything with my genuine traffic !
If you want to prevent intrusions, rather than detect (and notice a few days later), then you need an IPS.
Look at the IPS 5500 from TopLayer for example - www.toplayer.com. :)