I've had bad experience with the McAfee sensors. Total crap. You can only filter by IP address, not ports too. One example is if you have an http server on a nonstandard port, your only option is to deal with the alarm or compeltely disable it entirely or for the IP address. You can't say HTTP is okay on this port but not others.
I also noticed that if you enable traffic logging, it doesn't always capture packets. It also doesn't always list a source or destination IP. It's been about a year and a half but man I hated the Intrushield! In their defense, they *may* have changed things drastically in the past year and a half. And I hope they did!!! Network Sentry www.netsentinc.com ----------------------------------------------------------------- Securing Your Online Data Transfer with SSL. A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate on your web server, you can securely collect sensitive information online, and increase business by giving your customers confidence that their transactions are safe. http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a17f194
