I am partial to IBM Proventia. The reporting tool is great, and helps me run reports of who did what to whom, which is handy for PCI compliance.
-- Rob Frazier, CISSP, ISSAP www.xakephet.com 325-695-7238 Lab 325-665-4131 -------------- Original message ---------------------- From: "Erik Harrison" <[EMAIL PROTECTED]> > > how many servers, os variations, what kind of changes are you looking > to detect? basic file changes are easy, it's the rest of it that's > complicated and functionality will vary. past that, reporting will be > important to the managers, execs and if you have a lot of other things > to manage - to you as well. > > what exactly do you want to show them, will you need to back up any > other responses with relevant data from your org? any other compliance > or security initiatives in the company that you could support with the > package or product? > > On Mon, Oct 20, 2008 at 8:12 AM, Security Group <[EMAIL PROTECTED]> wrote: > > Hello, > > > > I am currently evaluating several host-based Intrusion Detection > > Systems to monitor servers in a DMZ. My company only wants to monitor > > for suspecious behaviour on critical servers, without the need for a > > company wide security system. I am not interested in a network-bases > > ids because this is already covered by our company. > > The list below contains my findings so far; > > > > OSSEC > > Open Source Tripwire > > SAMHAIN > > OSIRIS > > AIDE > > Third Brigade Deep Security > > Symantec Critical System Protection > > IBM Proventia > > Enterasys Dragon IDS/IPS > > McAfee Total Protection for Endpoint > > CA Host-Based Intrusion Prevention System r8 > > GFiEventsManager > > Cisco Security Agent > > > > I am thinking of suggesting OSSEC. Does anyone have any other suggestions? > > > > Thanks in advance. > > > > Kind regards, > > > > Babel Timon > > > > ------------------------------------------------------------------------ > > Test Your IDS > > > > Is your IDS deployed correctly? > > Find out quickly and easily by testing it > > with real-world attacks from CORE IMPACT. > > Go to > http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_ > sfw > > to learn more. > > ------------------------------------------------------------------------ > > > > > > ------------------------------------------------------------------------ > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it > with real-world attacks from CORE IMPACT. > Go to > http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_ > sfw > to learn more. > ------------------------------------------------------------------------ > ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
