Host Based IPS

Discussion in 'other anti-malware software' started by Trekk, Aug 16, 2005.

Thread Status:
Not open for further replies.
  1. Trekk

    Trekk Registered Member

    Joined:
    Aug 16, 2005
    Posts:
    90
    Location:
    Ohio
    Hello!

    I am a Security Analyst for a 10k+ user network. Currently I have been tasked with finding a suitable Hostbased IPS solution. Ive looked at several inlcuding McAfee' IntruShield but am looking for some solid advice from anyone who may have any ideas.

    Thanks!

    Trekk
     
  2. dog

    dog Guest

    Hi Trekk, :)

    Welcome to Wilders'

    I've moved your post to the other anti-malware forum which includes HIPS protection, it will receive better attention in this forum.

    Best Wishes with the Quest of the Right Solution.

    Regards;

    Steve
     
  3. Trekk

    Trekk Registered Member

    Joined:
    Aug 16, 2005
    Posts:
    90
    Location:
    Ohio
    Thank You Steve! I'm new here and was not quite sure where to put it :)


    Trekk
     
  4. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    10K+ users means you are looking for a product that includes centralised installation, configuration and reporting which rules out almost all of the products normally discussed here (which are aimed at individual users). The only likely candidate would be Tiny Firewall (which includes process, registry and file access control) which can be controlled from a central location using their Host Security Server product.

    However Tiny is something that can take a while to set up - creating a company/enterprise-wide configuration doubly so. In addition Tiny themselves have been recently acquired by Computer Associates which always adds an element of doubt in terms of product support.

    As an alternative, you may wish to check out malware scanners designed for enterprise use like BOClean. This would involve far less configuration work and can be set up to run invisibly from users.
     
  5. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    I'd recommend taking a peek at the Safe'n'Sec. They do have a business package with centralized management. The one thing about most of these packages right now is that they're geared for standalone workstations, this product is at least tackling centralized deployment and management. I run it at home on multiple PC's, it's very stable on my systems thus far.

    Blue
     
  6. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Eeye's Blink is another option that appears to target business users (although in this case, by charging too high a price for home users...).
     
  7. Trekk

    Trekk Registered Member

    Joined:
    Aug 16, 2005
    Posts:
    90
    Location:
    Ohio
    Thank you for the info, I will look into these and see if they will work.


    Trekk
     
Loading...
Thread Status:
Not open for further replies.