Hi there.
Network IDS's : NFR, snort, ISS
It all depends on what you're trying to get (money vs. time vs resources
vs. goals).
Host based IDS's : ISS, tripwire, NetworkIce
IF you want to know what happened to the system itself.
You must define some trade-offs.
Reporting abilities might depend on other software and hardware pieces.
Load and network design might give a lot of false positives.
Correct filtering on each package might give great improvement on
network IDS'a performance.
Don't forget about who's gonna look at the logs and reports and make the
analysis on the incidents.
Take good knowlegde on what's supposed beeing in the wire (that policy
thingy).
Talking about wire, load balancers and switches might confused and
obliterate some of the IDS's features.
Fear all-in-one solutions.You just get all the eggs in the same basket.
Hope it helped
Rafael Teixeira
horvath anton wrote:
>
> Hi,
>
> could someone point me to wellknown professional
> Intrusion Detection Systems ?
> I`d like to get a price overviwe about those Systems
>
> Mit freundlichen Gruessen/Best regards
>
> Anton Horvath
>
> --
> Office address (Vienna Airport) :
> Co. Anton Horvath
> Flughafen Wien AG.
> Postfach 1
> A-1300, Vienna
> Austria
> Voice: (++43 - 1) 7007 Ext: 22837
> Fax: (++43 - 1) 7007 Ext: 25188
> (EMail: [EMAIL PROTECTED])
> Email: [EMAIL PROTECTED]
--
"In theory there is no difference between theory and practice.
In practire there is."
Yogi Berra
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
