Hi There,

As I often have greater respect for a much larger portion of this list
than the rest of the internet, I am curious what is thought about
current IDS/IPS hardware from vendors like Trustwave, Checkpoint,
Alert Logic, mod_security, even snort.. etc, and in particular, the
sensibility and effectiveness of using them in high-security
environments.

>From a compliance perspective, I don't have much choice. From the
costs, infrastructure, and administrative perspectives, I am currently
evaluating whether or not I should be leaning towards and IDS or IPS
solution, and of course which system/vendor. My understanding is that
something like snort requires a fair bit of maintenance and
IT-attention, the trade-off being cost, so I am leaning away from
this. Between detection and prevention, preventing break-ins seems a
bit sillier than trying to actively monitor what's going on and to
then look for threats, so this pushes me more towards IDS over IPS.

Thoughts, suggestions, flames, are all welcome.

Thanks.

~Jason

Reply via email to