Osaro, Intrusion prevention is a popular concept that all Security vendors are touting, as it is a popular marketing term. ISS has been the market leader in intrusion detection, evolving the accuracy of detection to the point where customers will feel comfortable turning on "prevention" or "protection" capabilities. Accuracy of detecting malicious behavior, programs, or activity is crucial to being able to prevent/protect appropriately - as customers do not want to stop or disable any of their production applications. ISS has continually improved its technology with Protocol Analysis Behavior, Security Fusion correlation analysis to reduce false positives, and inline blocking capabilities. ISS has also acquired new technology from a company named vCIS, where we will begin introducing intelligent protection capabilities in all of our products in 2003. Please contact me directly for more details or if you would like a roadmap presentation.
Okena has implemented system call filtering technology, to actively respond to system calls whose attributes are considered to be malicious. This technology is very powerful, but can require quite a bit of thought and planning in configuration. If configured incorrectly, this can adversely affect the applications running on your servers. Forescout can tag traffic that is known to be from a malicious intruder or someone using a probing technique. This technology is extremely interesting - but it seems to be a feature that could be useful as an add-on for intrusion protection. I'd be interested to know if you have installed either of these products, and what you find most compelling about either of them. Audra -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 19, 2002 2:22 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: [ISSForum] INTRUSION DETECTION vs INTRUSION PREVENTION My company is looking into intrusion prevention instead of ISS IDS. Does ISS have any plan to fully incorporate intrusion prevention into their architecture? We are currently looking into two companies --- OKENA.COM and FORESCOUT.COM Any thoughts on those two companies? Thanks Osaro Osagie CCSA, CCNA, CISSP ALLTEL Information Technology _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo
