Hello,

I am currently evaluating several host-based Intrusion Detection Systems to monitor servers in a DMZ. My company only wants to monitor for suspicious behaviour on critical servers, without the need for a company-wide security system. I am not interested in a network-based IDS because this is already covered by our company. The list below contains my findings so far:

OSSEC
Open Source Tripwire
SAMHAIN
OSIRIS
AIDE
Third Brigade Deep Security
Symantec Critical System Protection
IBM Proventia
Enterasys Dragon IDS/IPS
McAfee Total Protection for Endpoint
CA Host-Based Intrusion Prevention System r8
GFI EventsManager
Cisco Security Agent

I am thinking of suggesting OSSEC. Does anyone have any other suggestions?

Thanks in advance.

Kind regards,
Babel Timon
