• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 106
  • Last Modified:

Meraki IPS vs. Secureworks IPS

Does anyone have an opinion on which product is better?  Our Secureworks IPS is up for renewal and costs 5X more than a new Meraki with the enterprise maintenance and IPS.

Thanks!
0
Cody Smith
Asked:
Cody Smith
  • 2
1 Solution
 
btanExec ConsultantCommented:
I supposed Secureworks IPS is the secureworks Managed iSensor Intrusion Prevention System. It does well and has been well supported by competent and apt support technical and project team to get it roll out. Probably you know it better. I will not say more.

Meraki IPS is actually integrated Sourcefire’s Snort IDS/IPS. Snort is so called the "father" of IPS - industry standard in network intrusion detection. Snort IDS technology has been highly respected in the security community for nearly 15 years. It’s open source, so it’s continually tested, worked-on, and refined by a broad community of security professionals.  The real plus is when new security threats emerge on a daily basis, Snort open nature of the platform means new threats are identified and added into the engine far more quickly than a handful of developers working in a closed proprietary system could hope to achieve.

But I thought eventually it is how it can be operationalise and add value to target answering your management doubt for security investment. The Intuitive, organization-wide reporting make sense and will help in this target.
Information is presented in real-time, with a configurable historical view that allows admins to quickly identify the regularity with which threats are being seen. Admins can search their organization by:
Threat signature
Network
Client
Source and/or destination IP

Potential security threats are ranked and summarized by severity, with details presented in a timeline, a pie chart, and in summary tables. For those digging for even more information, the complete list of events is also shown. The Snort Signature ID links to a detailed description, including suggested actions to remediate the threat.

Intrusion Detection typically displays many false positives and negatives, so a detailed description helps the administrator to focus their energy on addressing the real threats as they emerge.

You probably should learn more about Meraki’s Intrusion Detection and its role in value adding into next-generation firewall https://meraki.cisco.com/technologies/next-gen-firewall

If cost is a deciding factor and tech support is good so far, then suggest you do not go big bang change but identify a trial with Cisco Meraki testing. But it to real test against Securework, otherwise have a segment to generate the live dashboard and reporting. Then bring forward if it make sense to you that it is cost effective. The fact is Enterprise do not go for best of breed but go for fit for design solution. It can be a hybrid too to diversify your risk in case one of the model is being compromised and exploited with known vulnerability - and time to patch is not timely then your other IPS can kick in for the virtual cover ...
0
 
btanExec ConsultantCommented:
For consideration
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now