No subject


Thu Nov 23 16:36:19 EST 2017


other IPS solutions and is actually what is behind many of them

> Neither trippingpoint or smallplayer have made significant strides in
> the prevention space and both have failed to pass an independent
> certification that I am aware of. Performance keeps being the issue.
>
> While we are plugging products...
>
> If your need is a point case protection system for those rare instances
> where you know that your firewall cannot / does not block the attack
> consider a beefy snort-inline system used effectively. I cannot imagine
> that more than a few t1 links need this "IPS" capability.
>
> If your need is gigabit "IPS" consider carefully the deployment and
> products. Plug it into your gig backbone and watch things fail. I am
> only aware of one that can play at that speed in the IP realm and it
> sucks on the system management front and detection is sketchy outside of
> the lab.
>
> I specualte that a free snort-inline box will play just as well on the
> fringe that you need covered. Save your pennies for when the technology
> matures, hopefully within a couple of years.
>
> If the issue is the Dell reps selling over your head to the execs then
> go do the research and check out the articles to arm for the debate.
> Gartner inserted the foot a while ago and has had a rough time of it
> since. Google about for a bit, here is some reading to get started.
>
> http://www.sans.org/newsletters/newsbites/vol5_24.php
>
> Look at the section
>
> SPECIAL SECTION: IS IDS DEAD?
> --Gartner IDS Report Evokes Strong Response
>
>
> Josh Berry wrote:
>
>> I know it is a very expensive solution, very high-traffic centric,
>> really
>> was built for Carrier class networks.  There are a lot of other
>> solutions
>> that can handle a lot of traffic but are much cheaper.  One of those is
>> TopLayer Networks Attack Mitigator.
>>
>>
>>>Anyone know anything about TippingPoint.com? Anyone using it or have
>>
>> used it in the past?
>>
>>>The Dell sales guy has been talking to management trying to sell them on
>>
>> this intrusion prevention solution from TippingPoint Technologies.
>> Management, of course, is curious and wonders why we even use Snort when
>> we could spend money on a solution rather than have it free. :-P Gotta
>> spend that money, you know.
>>
>>>Thanks.
>>>KJ
>>>
>>
>>
>>
>> Thanks,
>> Josh Berry, CTO
>> LinkNet-Solutions
>> 469-831-8543
>> josh.berry at ...10268...
>>
>>
>>
>>
>> Thanks,
>> Josh Berry, CTO
>> LinkNet-Solutions
>> 469-831-8543
>> josh.berry at ...10268...
>>
>>
>>
>> -------------------------------------------------------
>> This SF.net email is sponsored by: SF.net Giveback Program.
>> SourceForge.net hosts over 70,000 Open Source Projects.
>> See the people who have HELPED US provide better services:
>> Click here: http://sourceforge.net/supporters.php
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>>
>>
>>
>
>







More information about the Snort-users mailing list