TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ----------------------------------------------------------------------------
good question!! Most Managed IDS solutions don't really address the issues at all, they usually just stick Network Sensors on portals in a very "plain vanilla" configuration and pay littel or no attention to the real dangers of Internal hacking and worst of all things like VPN desktops or notebooks! (If anything peoplke stick a PFW on notebooks which is nexxt to useless without protocol analysis IDS!). The second issue is bearing in mind my comments above MSP's will usualyy buy the lowest cost product that they can get to meet a service of limited cover plain vanilla! Regrettably few organisations really understand where the real issues and dangers are and are just looking to "tick a box", yes, they have ids as a managed service, the fact it does not address all the issues is not counted or cared about, the box is ticked! Here at Tolerant I belive we are unique in Europe in offering a Managed Service which goes right down to the desktop with a combined AV and IDS using ISS Desktop Protector! We are not afficionados of Network Sensors alone as a managed IDS. Those of you have an IDS installation will know how much information it gives you and that it takes time and effort to tune it to get it to give you what you want. The real issue is seeing a serious alert and deciding on a course of immediate action, can you really wait until you get a report a week later? What systems a managed service provider chooses is not always based on the best product but on the most saleable acceptable product according to the levels of service they will provide! Many chooses ISS on merit and many choose another system for commercial reasons. hope this helpsh
