General discussion

Locked

The best Intrusion detection?

By sekhardash ·
Can any one help me to know which one is the best IDS/IPS??

This conversation is currently closed to new comments.

6 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Sans

by Jaqui In reply to The best Intrusion detect ...

Sans has recently had a series of webcasts on intrusion prevention, given by people who have gone through the process, for enterprise class networks ( including an internet access provider )

free portal membership to get access to the archives of the webcasts.

http://www.sans.org

Collapse -

Intrusion detection software

by bpclark In reply to The best Intrusion detect ...

I have found Kaspersky AntiHacking software and McAfee's 8.0i effective. you'll find Kaspersky at www.kaspersky.com and McAfee at www.nai.com

Collapse -

SNORT

by FelixOrtiz In reply to The best Intrusion detect ...

I have had a GREAT deal of success with Snort.

http://snort.org

and

http://www.winsnort.com for the windows crowd.

Keep in mind that any IDS is only as good as the rules that you are running on it so you will have to put some time into managing rules on any IDS but they are well worth it if you have to provide a law enforcement agency with proof that damage has been inflicted and by whom. Keep in mind that Intrusion Detection System is not by any means an Intrusion Prevention System. So your first step should be to have a properly fire walled and patched system to begin with. Some IDS (including Snort) can be coupled with scripts that shut out an offending IP by adding rules to a firewall but that is not the main function of the IDS.

Collapse -

IPS

by Strauss In reply to SNORT

If you are looking for first class enterprise IPS. Go for ISS. www.iss.net

Collapse -

Snort-inline

by Amit sharma In reply to SNORT

How abt snort inline for IPS.

You can use snort-inline to even support your opensource antivirus solutions. If properly configured & managed well we can say like 40% of bad traffic can be waived off by snort-inline.

Collapse -

snort the powerful

by ashvinmanoj In reply to The best Intrusion detect ...

from my knowledge i feel that snort an intelligent agent is power full from all.....

one advantage is its a open source and free of cost....
]right now i dono the limitations and i think that no drawbacks will be from it... if i feel so i will post here....

Back to Security Forum
6 total posts (Page 1 of 1)  

Related Discussions

Related Forums