We are looking at a similar type of card for our IPS, am interested if customers really by into this as being true bypass? We wanted to offer it as an option with free IPS strata guard free (stillsecure.org).
alan StillSecure Alan Shimel Chief Strategy Officer O 303.381.3815 C 516.857.7409 F 303.381.3881 email [EMAIL PROTECTED] blog http://ashimmy.typepad.com www.stillsecure.com The information transmitted is intended only for the person to whom it is addressed and may contain confidential material. Review or other use of this information by persons other than the intended recipient is prohibited. If you've received this in error, please contact the sender and delete from any computer. -----Original Message----- From: Martin Roesch [mailto:[EMAIL PROTECTED] Sent: Thursday, February 16, 2006 10:47 AM To: Andrew Plato Cc: [EMAIL PROTECTED]; [email protected] Subject: Re: IPS Reliability/Availability -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 So Andrew, are you saying that most of our customers routinely experience 75% hardware failure rates and we're somehow managing to cover this up or do you think this was an isolated incident? Can you imagine the cost to us in in terms of overhead for our customers with 100+ sensors if that were a true indication of the reliability of our gear? BTW, our IPS appliances offer zero power fail-open NICs as well. -Marty On Feb 6, 2006, at 11:04 AM, Andrew Plato wrote: > Most of these devices are pretty good for reliability. The only > exception I would make is SourceFire, which back when we sold it had > abysmal reliability (3 out of 4 boxes we sold to a customer show up > dead > or died soon after installation). > > TippingPoint sells a zero-power bypass add-on for their IPS. If the > IPS > fails in anyway, traffic is passed through the zero-power device. Its > very easy to add. Juniper does something similar. > > ----------------------------------------------- > Andrew Plato, CISSP, CISM > President/Principal Consultant > Anitian Enterprise Security > > ----------------------------------------------- > > > > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: Thursday, February 02, 2006 8:27 AM > To: [email protected] > Subject: IPS Reliability/Availability > > I am working on a big IPS project and I am very concerned about > installing an inline device in a core enterprise network, where these > devices have the potential to create big time network outages. > > Can you, please, share your possible bad experiences about the > reliability of the following inline IPS products: > > ISS > TippingPoint > Juniper IPS > Sourcefire > McAfee IntruShield > > Have you had any issues with the availability of these devices, > such as > fail close crashes or do you have any experience with bypass switches > that would mitigate the availability issue? > > Thanks, > Mike > > ---------------------------------------------------------------------- > -- > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it with real-world attacks from > CORE IMPACT. > Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus- > ids_040708 > to learn more. > ---------------------------------------------------------------------- > -- > _________________________________________________ > NOTICE: > This email may contain confidential information, > and is for the sole use of the intended recipient. > If you are not the intended recipient, please reply > to the message and inform the sender of the error > and delete the email and any attachments from > your computer. > _________________________________________________ > > ---------------------------------------------------------------------- > -- > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it > with real-world attacks from CORE IMPACT. > Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus- > ids_040708 > to learn more. > ---------------------------------------------------------------------- > -- > - -- Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616 Sourcefire - Security for the Real World - http://www.sourcefire.com Snort: Open Source Network IDS - http://www.snort.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) iD8DBQFD9J6Qqj0FAQQ3KOARAiElAJ96YZCSRUWJzU8hQZ2zKIsslDH6RQCfV9K1 sLDLFCtnciiLmvCYHUbPgv8= =+eOq -----END PGP SIGNATURE----- ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------ ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
