Does anybody have a review of ESentire as an IDS solution? How do they rate in the real world?

We are considering deploying them as a solution and I was wondering if anyone has them or has experience with them.
Asked by: Andre P

Rich Rumble (Security Samurai) commented:
I've never heard of them, but that doesn't mean they aren't any good. Most IDS systems use SNORT as their backend and sell their own sigs and a front-end. We used to use Snort (now SourceFire/Talos), but the detection engine is in the Stone Age. We use Suricata now, a much more modern and capable IDS that is still FOSS.
Here is Gartner's 2015 magic quadrant on IPS systems (most IDSs can be used in IPS mode):
https://securityintelligence.com/wp-content/uploads/2015/12/Gartner-MQ-IPS-2015-11-16.jpg

ESentire, however, looks like a HIPS, which is much different than traditional IDS. ESentire would be more like Bromium, Invincea, Carbon Black, Bit-9, Cylance. HIPS is the old name for "next generation" endpoint protection.
-rich