TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ----------------------------------------------------------------------------
What I think is best about this whole thread is ISS let it happen. Having been on many a vendor forum where the slightest comparison with a competitor resulted in an "off topic" post/censor by the moderator. I run a moderate company network (35 servers, 112 workstations), I appreciate the efficiencies in ISS products. If I had the manpower I might do better elsewhere, but I don't, and that is the value I think I get from my investment with ISS. I also appreciate the fact the someone is willing to question/challenge featuresets and ISS dogma (I agree, their literature is "obtuse" at best). Rob Keown MAC DIRECT -----Original Message----- From: John Taylor [mailto:[EMAIL PROTECTED]] Sent: Monday, July 29, 2002 10:38 AM To: Cliff Hanger; [EMAIL PROTECTED] Subject: RE: ISS Slays Dragon? TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ---------------------------------------------------------------------------- Cliff, I have! It did not perform well against evasion attacks to begin with. As desribed in my explanation "pattern matching" however much customisation is available is yesterday's way and the level of analysis is to my mind insufficient. ISS have a level of guilt in retaining some complexity to satisfy those who lack faith in the ICE algorithms although it is really unnecessary. Realsecure 7.0 will handle a 100MBps ethernet with no dropping of packets and can actually manage about 90% of a Gigabit so performance is not an issue with 7.0. (It is using the ICE algorithms, packet capture technology and protocol analysis. Who wants to spend hours programming a device when an "of the shelf" top performing product is avaialble. Dragon is good, it is very good for "propellor heads" and "boy racers" who enjoy playing with technology and have time on their hands. I spoke last Friday to a large Financial institution who tested both dragon and Realsecure extensively and that is what the evaluator said, "I like Dragon, it is fun to play with, the GUI, the way you can customise it a lot, do all sorts of tasks ----but ----for my Company and it's future, and based on a practical non-laboratory live network situation I must recommend Realsecure, it is mature and with ICE technology scores way above, there is little "programming" and support is so readily available not to mention very good Training." Have you seen Site Protector from ISS, that is what I call a management system! Integrating and fusing vulnerability assessment and IDS to determine how alerts should be dealt with is fantastic. One of the best things now about ISS is Network, host and desktop IDS and Scanning all becoming one simple system. Sooner or later people will realise that just like A/V IDS on the desktop is important and to my mind ISS are years ahead with having the whole gamut of solutions and all going to be managed from one Manager. It is a bit like A/V. How much better is McAffe than Symantec, or Trend, or Sophos or even Kaspersky? Not that much better --- but---- e-policy orchestrator and ASaP make all the difference, this why McAffee are grwoing again at the expense of othwer a/v suppliers. It is a product strategy and policy that wins not individual boxes. Even if Dragon could "burn" Realsecure Network Sensor which I do not believe it does, the real issue is a comprehensive solutio and how it is managed.! JT -----Original Message----- From: Cliff Hanger [mailto:[EMAIL PROTECTED]] Sent: Thursday, July 25, 2002 8:13 PM To: [EMAIL PROTECTED] Subject: ISS Slays Dragon? TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ---------------------------------------------------------------------------- I have played with Dragon 5.0. The architecture is so different from ISS Real Secure. It is customizable. Signatures, Alerts, etc. I do not want to go into the details but the weaknesses mentioned here are not true. Enterasys sell appliances also. What else do you need to setup once you have the configured that GUI that runs on top of a browser. There are much more features to the product that this. How can you talk about a product that you do not even know. You have to look at their product to fully appreciate the term CUSTOMIZABLE. We have not even talked about performance yet. Do a bake off and you should see. __________________________________________________ Do You Yahoo!? Yahoo! Health - Feel better, live better http://health.yahoo.com
