Yes, Proventia & Realsecure have always been my favorite, though I have looked longingly at Tipping Point (at least until they were acquired by 3com then HP) of course even ISS is now pwned by IBM ;)
Proventia caught the serverRPC worm while it was still a 0-day (confirmed by Symantec) when it had taken out 10 servers and would have taken out the other 450 windoze servers before the day was out. Though the 150 *NIX servers would have still be running fine of course, even though the network would have been down with all the windoze servers yakking... But any IDS/IPS is going to have a lot of false-positives, which is why, most of the time I feed it straight into a SIM for correlation and just watch that dashboard. Curt Purdy CISSP, GSNA, GSEC, MCSE+I, CCNA [email protected] [email protected] On Tue, Jul 20, 2010 at 8:53 PM, <[email protected]> wrote: > sourcefire? > > > really? > > in a production network.....ask them how their 9800 sensor works > inline....*snicker* > > > I was stuck using sourcefire for the last two client. I so miss ISS..... > > ----------------------------------------------------------------- > Securing Your Online Data Transfer with SSL. > A guide to understanding SSL certificates, how they operate and their > application. By making use of an SSL certificate on your web server, you can > securely collect sensitive information online, and increase business by > giving your customers confidence that their transactions are safe. > http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a17f194 > > > ----------------------------------------------------------------- Securing Your Online Data Transfer with SSL. A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate on your web server, you can securely collect sensitive information online, and increase business by giving your customers confidence that their transactions are safe. http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a17f194
