Hi!
From your experiences, do you consider that Cisco's Netranger is
better than Snort?
Let me put you in my situation:
We have some snort IDS running on our site and we're quite happy
with it. Quite stable and quite a lot of signatures. And quite easy to
understand what's going on for the unexperienced with SnortSnaf. I could
only ask for a nicer way to have stuff done on real-time.
OTOH, we have 3 NetRangers that somebody bought and we might as
well use them. However, would we see any noticeable gain? Also, the
Director must run NT (it can run on OpenView, but we're not going to buy a
OV license just for NetRanger), and this all Solaris/Linux and I don't
like the fact of supporting another OS, securing it, etc, etc...
Any insights would be greatly appreciated.
ps: For what I've read on this mailing list so far, I'd have bought NFR
instead of the NetRangers... but well, nothing I can do now. We might as
well go ahead and sell the NetRangers.
-- p.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
