Sure you can at put one on for each collission domain plus a dedicated box
to run it on, this would cost you over $ 10k. Secondly what do you do when
you multiple access points into the server or a switched environment. I
agree with the real secure sitting inside the firewall though.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 05, 1999 11:25 AM
To: [EMAIL PROTECTED]
Subject: RE: Additions to the Firewall defenses.
Check out RealSecure. They have NT-based "engines" and consoles. You can
put an engine on every collision domain you want to monitor. You can even
put an engine in your DMZ and monitor outside your firewall.
Randy Molen
Defense Threat Reduction Agency
703-810-4784
I was wondering what people would suggest for supplementing thier defenses
in regards to Intrusion Detection in an all NT based environment. The
majority of the organizations I have worked in used Unix boxes to run their
IDS so I have not researched IDS on NT only environments. I have worked
with Host based software like Kanes and Axent's Omniguard but would like
something with Network capabilities.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
