Tom,
I personally don't see the real need to have IDS running outside the
Firewall, I would have it running INSIDE the Firewall for the overly
paranoid folks. It gives you a little more peace of mind.
Scott
>From: "Pellowski, Tom" <[EMAIL PROTECTED]>
>To: "fw-1-mailinglist@lists. us. checkpoint. com (E-mail)"
><[EMAIL PROTECTED]>
>Subject: [FW1] intrusion detection - benifits?
>Date: Tue, 28 Nov 2000 08:45:05 -0500
>
>
>Greetings:
>
>I have this question that I would like the community to give me their .02
>worth.
>
>In an arena running Checkpoint (whatever flavor) is it really worth the
>time, expense, and possible network performance compromises to put a
>separate intrusion detection appliance online in front of the firewall?
>
>I understand that there are tons of "well, you could.." but what I am
>really
>after is "your" opinion. Would you, as the FW admin/engineer, do it.
>
>Obivously I am looking for some backup here as I am having a intrusion
>detection package rammed down my throat, and frankly, I don't want it. But
>my only defense at this point is that "is something more to manage".
>
>Thanks to all in advance!!!
>
>Tom
>
>
>
>
>================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
>================================================================================
_____________________________________________________________________________________
Get more from the Web. FREE MSN Explorer download : http://explorer.msn.com
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
