I am attempting to evaluate an Anomaly Detection System from ISS, that takes flow information and integrated the data with the IPS/IDS infrastructure.
ISS states that it protects from internal threats as it monitors the network traffic from the flow information. Another interesting product is the SourceFire Enterprise Threat Management system that does Real Time Network Analysis, which is a very interesting product. Albert R. Campa -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of snort user Sent: Thursday, October 04, 2007 11:06 AM To: [email protected] Subject: IDS detection approaches Greetings. I have a general IDS related query: what are the current trends in intrusion detection methods? Signature based seems to be the most commonly used approach. There are also lot of products that implement protocol decoding/analysis to assist the signature based approach. There are a few rate based and anomaly based products too. What do you think is the most probable approach that will complement the signature based approach in the recent future? Thanks for the reply ! ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaig n=intro_sfw to learn more. ------------------------------------------------------------------------ ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
