Intrusion Detection

Discussion in 'Computer Security' started by News, Jul 8, 2003.

  1. News

    News Guest

    Anyone used either Security Metrics or RealSecure by ISS? If so I'd love to
    hear your opinions regarding ease of use, effectiveness, false positives...

    Thanks

    (email won't work, please post replies here)
    News, Jul 8, 2003
    #1
    1. Advertising

  2. "News" <> wrote in message
    news:wiAOa.22000$...
    > Anyone used either Security Metrics or RealSecure by ISS? If so I'd love

    to
    > hear your opinions regarding ease of use, effectiveness, false

    positives...

    I use RealSecure at our work. I have the desktop product, server sensor, and
    a network sensor. Personally, I love RS. Its arguably one of the best IDS
    engines on the market. Extremely accurate and capable. However, the learning
    curve on RS is rather steep. The documentation is awful (full of errors and
    omissions). So if you go with RS, plan to spend some ramp up time or hire a
    consultant.

    That much said, I have been able to do some really great things with RS. For
    example, we use RS Desktop and I've tweaked it to prevent users from
    accessing web sites and logging their chat usage. Although it wasn't
    designed for that, when you get under the covers of RS, there are a lot of
    excellent features.

    The other IDS I would look at is Sourcefire. Its the commercialization of
    Snort. I demo'ed it a while back. Good system. A bit limited in its reach,
    but very accurate.

    I've never used Security Metrics. I did look at ManHunt (crap), NFR (crap),
    and Cisco IDS (complete POS) and was unimpressed with all of them. ManHunt
    looks great, but the IDS engine sucks ass.

    Alex
    Alexander Delarge, Jul 9, 2003
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Anthony Fischer

    Intrusion Detection System

    Anthony Fischer, Jan 13, 2006, in forum: Cisco
    Replies:
    5
    Views:
    1,632
    Cisco
    Jan 22, 2006
  2. don

    Norton Intrusion Detection

    don, Feb 22, 2005, in forum: Computer Support
    Replies:
    3
    Views:
    2,643
    Brian G
    Feb 23, 2005
  3. misc

    MSSP intrusion detection

    misc, Jul 18, 2003, in forum: Computer Security
    Replies:
    1
    Views:
    857
  4. Lord Shaolin
    Replies:
    2
    Views:
    1,076
    Lord Shaolin
    Aug 12, 2003
  5. Rob Slade, doting grandpa of Ryan and Trevor

    REVIEW: "Intrusion Detection with Snort", Jack Koziol

    Rob Slade, doting grandpa of Ryan and Trevor, Oct 7, 2003, in forum: Computer Security
    Replies:
    0
    Views:
    626
    Rob Slade, doting grandpa of Ryan and Trevor
    Oct 7, 2003
Loading...

Share This Page