Solved

compare current Intrusion Detection System !

Posted on 2004-10-12
5
145 Views
Last Modified: 2010-04-11
there's many IDS: snort, Cisco IDS, RealSecure, NetProwler, Dragon, etc...
please experts, tell me their features; comparing their abilities, their strengths, their weakness.
thanks.
0
Comment
Question by:hoaivan
  • 2
5 Comments
 
LVL 23

Expert Comment

by:Tim Holman
Comment Utility
Do you really need IDS ?
It's a forensics tool, and although a very useful part of the security picture, it won't actually prevent intrusions without weeks worth of tuning and false positive removal...  and even then, I would not trust an IDS with upstream ACL modification and TCP reset ability not to do anything with my genuine traffic !
If you want to prevent intrusions, rather than detect (and notice a few days later), then you need an IPS.
Look at the IPS 5500 from TopLayer for example - www.toplayer.com.  :)

0
 

Author Comment

by:hoaivan
Comment Utility
i just do some researches on IDS, not for choosing which product to buy/use.
and i wanna have a perspective of ids products.
0
 
LVL 23

Accepted Solution

by:
Tim Holman earned 500 total points
Comment Utility
SC mag have done a few vendor-neutral reviews in the past:

http://www.scmagazine.com/products/index.cfm?fuseaction=GroupTestDetails&GroupId=5876

0
 
LVL 51

Expert Comment

by:ahoffmann
Comment Utility
sounds like a very general question. So: do you have any problems keying in IDS in yur favorite search engine?
Or what else do you expect as answer?
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Join & Write a Comment

This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now