Need advice on network and host based IDS

Discussion in 'other security issues & news' started by ggratto, Feb 28, 2003.

Thread Status:
Not open for further replies.
  1. ggratto

    ggratto Registered Member

    Need advice on network and host based IDS solutions.
    Have you used one?
    Pros and cons?
     
    ggratto, Feb 28, 2003
    #1
  2. LowWaterMark

    LowWaterMark Administrator

    At work, my company made an investment in RealSecure from ISS. We tried two different pieces, the network based sensors and the server based ones. We had a lot of difficulty getting much out of the network sensors given the complexity of our networks (a large number of switched vlans) and ultimately decided the best way was to put the IDS on every server. (The idea being an attack had to have a target... Monitoring every target gives you a greater chance of catching the intrusion, versus trying to monitor the network wire directly.)

    You didn't say whether you were talking about a home or an enterprise solution, so, I figured I'd give you information from a large scale business network perspective, as it's more interesting than installing an IDS on a small home setup.
     
    LowWaterMark, Feb 28, 2003
    #2
  3. ggratto

    ggratto Registered Member

    I am looking for a enterprise solution
    Currently looking at

    Cisco
    Dragon
    SHS
    symantec

    Thanks for the info.
     
    ggratto, Mar 4, 2003
    #3
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice