On Tue, 28 Nov 2000, Pellowski, Tom wrote:
>
> In an arena running Checkpoint (whatever flavor) is it really worth the
> time, expense, and possible network performance compromises to put a
> separate intrusion detection appliance online in front of the firewall?
>
> Obivously I am looking for some backup here as I am having a intrusion
> detection package rammed down my throat, and frankly, I don't want it. But
> my only defense at this point is that "is something more to manage".
Tom,
I am a big fan of IDS. It does not solve all of your problems, but it
does give you an additional layer of information. But instead of taking
our word for it, try an IDS system yourself. I highly recommend you give
snort (http://www.snort.org) a try. Its OpenSource, free, and runs on
both Unix and NT. This should give you an idea of what an IDS can do
for you. If you like the capabilities, you can then deploy snort, or
try other commercial options and compare.
lance
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
