TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ----------------------------------------------------------------------------
Peter, Having the best product and 60% of the market share are two different things. I totally agree with Rob when he said the decision to use a particular product depends on a couple of things: 1. Available Manpower 2. Skill Level 3. Budget 4. Comfort level 5. Ease of maintenance 6. Customizability 7. Integration with third party products 8. As you mentioned - Alert mechanisms --> this i do not get. Did anybody configure alarmtool for Dragon? 9. signature updates The question I would like to pose is "Which products do managed security services companies consider their platform of choice?" Some products do other things better. Ultimately, it is up to the customer. He/She may pick a product and not get a certain feature because it meets some of their requirements. Bottomline is, people who will us the product should be comfortable with the technology they are adopting. You may have a Ferrari but if you can't drive stick - it's a waste of investment. Regards, Cliff --- "Haeufel, Peter (ISS Stuttgart)" <[EMAIL PROTECTED]> wrote: > Rob, > > I am not responsible for this mailing list but I can > imagine why my > colleagues > even like this discussion about Dragon. > > 1. We know, that we have the best product in the > market and we do not loose > in the direct competition against Dragon. The whole > solution, the > integration > of desktop, server and network products and an event > correlation that really > works are the arguments against any competitor in > the market. Make a demo > for your customer and you have won the deal. > > 2. It is valuable for our PM team and our marketing > to understand why some > reseller / customer are still using products from > our competitors. > > 3. And in the end this discussion is comming to the > solution we want to have > without any regulation or assistance (see below). > > 4. All members of this forum have learned the > arguments against Dragon. > > That is pretty cool, isn't it? > > Peter Haeufel > Internet Security Systems Germany > > > -----Urspr�ngliche Nachricht----- > Von: Rob Keown [mailto:[EMAIL PROTECTED]] > Gesendet: Dienstag, 30. Juli 2002 01:06 > An: 'John Taylor'; Cliff Hanger; [EMAIL PROTECTED] > Betreff: RE: ISS Slays Dragon? > > > > TO UNSUBSCRIBE: email "unsubscribe issforum" in the > body of your message to > [EMAIL PROTECTED] Contact [EMAIL PROTECTED] > for help with any > problems! > ---------------------------------------------------------------------------- > > What I think is best about this whole thread is ISS > let it happen. Having > been on many a vendor forum where the slightest > comparison with a competitor > resulted in an "off topic" post/censor by the > moderator. > > I run a moderate company network (35 servers, 112 > workstations), I > appreciate the efficiencies in ISS products. If I > had the manpower I might > do better elsewhere, but I don't, and that is the > value I think I get from > my investment with ISS. > > I also appreciate the fact the someone is willing to > question/challenge > featuresets and ISS dogma (I agree, their literature > is "obtuse" at best). > > Rob Keown > MAC DIRECT > > > -----Original Message----- > From: John Taylor > [mailto:[EMAIL PROTECTED]] > Sent: Monday, July 29, 2002 10:38 AM > To: Cliff Hanger; [EMAIL PROTECTED] > Subject: RE: ISS Slays Dragon? > > > > TO UNSUBSCRIBE: email "unsubscribe issforum" in the > body of your message to > [EMAIL PROTECTED] Contact [EMAIL PROTECTED] > for help with any > problems! > ---------------------------------------------------------------------------- > > Cliff, > > I have! It did not perform well against evasion > attacks to begin with. As > desribed in my explanation "pattern matching" > however much customisation is > available is yesterday's way and the level of > analysis is to my mind > insufficient. ISS have a level of guilt in retaining > some complexity to > satisfy those who lack faith in the ICE algorithms > although it is really > unnecessary. > > Realsecure 7.0 will handle a 100MBps ethernet with > no dropping of packets > and can actually manage about 90% of a Gigabit so > performance is not an > issue with 7.0. (It is using the ICE algorithms, > packet capture technology > and protocol analysis. > > Who wants to spend hours programming a device when > an "of the shelf" top > performing product is avaialble. > > Dragon is good, it is very good for "propellor > heads" and "boy racers" who > enjoy playing with technology and have time on their > hands. I spoke last > Friday to a large Financial institution who tested > both dragon and > Realsecure extensively and that is what the > evaluator said, "I like Dragon, > it is fun to play with, the GUI, the way you can > customise it a lot, do all > sorts of tasks ----but ----for my Company and it's > future, and based on a > practical non-laboratory live network situation I > must recommend Realsecure, > it is mature and with ICE technology scores way > above, there is little > "programming" and support is so readily available > not to mention very good > Training." > > Have you seen Site Protector from ISS, that is what > I call a management > system! Integrating and fusing vulnerability > assessment and IDS to determine > how alerts should be dealt with is fantastic. > > One of the best things now about ISS is Network, > host and desktop IDS and > Scanning all becoming one simple system. Sooner or > later people will realise > that just like A/V IDS on the desktop is important > and to my mind ISS are > years ahead with having the whole gamut of solutions > and all going to be > managed from one Manager. > > It is a bit like A/V. How much better is McAffe than > Symantec, or Trend, or > Sophos or even Kaspersky? Not that much better --- > but---- e-policy > orchestrator and ASaP make all the difference, this > why McAffee are grwoing > again at the expense of othwer a/v suppliers. It is > a product strategy and > policy that wins not individual boxes. Even if > Dragon could "burn" > Realsecure Network Sensor which I do not believe it > does, the real issue is > a comprehensive solutio and how it is managed.! > > JT > > > > -----Original Message----- > From: Cliff Hanger [mailto:[EMAIL PROTECTED]] > Sent: Thursday, July 25, 2002 8:13 PM > To: [EMAIL PROTECTED] > Subject: ISS Slays Dragon? > > > > TO UNSUBSCRIBE: email "unsubscribe issforum" in the > body of your message to > [EMAIL PROTECTED] Contact [EMAIL PROTECTED] > for help with any > problems! > ---------------------------------------------------------------------------- > > I have played with Dragon 5.0. The architecture is > so > different from ISS Real Secure. It is customizable. > > Signatures, Alerts, etc. I do not want to go into > the > details but the weaknesses mentioned here are not > true. > > Enterasys sell appliances also. What else do you > need > to setup once you have the configured that GUI that > runs on top of a browser. > > There are much more features to the product that > this. > === message truncated === __________________________________________________ Do You Yahoo!? Yahoo! Health - Feel better, live better http://health.yahoo.com
