Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Intrusion Detection

Reply
Thread Tools

Intrusion Detection

 
 
News
Guest
Posts: n/a
 
      07-08-2003
Anyone used either Security Metrics or RealSecure by ISS? If so I'd love to
hear your opinions regarding ease of use, effectiveness, false positives...

Thanks

(email won't work, please post replies here)


 
Reply With Quote
 
 
 
 
Alexander Delarge
Guest
Posts: n/a
 
      07-09-2003

"News" <(E-Mail Removed)> wrote in message
news:wiAOa.22000$(E-Mail Removed)...
> Anyone used either Security Metrics or RealSecure by ISS? If so I'd love

to
> hear your opinions regarding ease of use, effectiveness, false

positives...

I use RealSecure at our work. I have the desktop product, server sensor, and
a network sensor. Personally, I love RS. Its arguably one of the best IDS
engines on the market. Extremely accurate and capable. However, the learning
curve on RS is rather steep. The documentation is awful (full of errors and
omissions). So if you go with RS, plan to spend some ramp up time or hire a
consultant.

That much said, I have been able to do some really great things with RS. For
example, we use RS Desktop and I've tweaked it to prevent users from
accessing web sites and logging their chat usage. Although it wasn't
designed for that, when you get under the covers of RS, there are a lot of
excellent features.

The other IDS I would look at is Sourcefire. Its the commercialization of
Snort. I demo'ed it a while back. Good system. A bit limited in its reach,
but very accurate.

I've never used Security Metrics. I did look at ManHunt (crap), NFR (crap),
and Cisco IDS (complete POS) and was unimpressed with all of them. ManHunt
looks great, but the IDS engine sucks ass.

Alex


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Intrusion Detection System Anthony Fischer Cisco 5 01-22-2006 08:37 AM
Norton Intrusion Detection don Computer Support 3 02-23-2005 04:57 PM
REVIEW: "Intrusion Detection with Snort", Jack Koziol Rob Slade, doting grandpa of Ryan and Trevor Computer Security 0 10-07-2003 03:55 AM
New book reviews - Snort 2.0, Intrusion Detection with Snort and Hack I.T. - Penetration testing Lord Shaolin Computer Security 2 08-12-2003 08:56 AM
MSSP intrusion detection misc Computer Security 1 07-19-2003 01:24 AM



Advertisments