I sent a reply privately earlier to original request, about my own
personal preferences, but Gadi's reply prompted me to respond
publicly. :-)
All-in-all, I find that an IDS (NFR-style) has a quite useful
utility.
Your choice of such a utility is, of ourse, another matter
entirely. :-)
- ferg
-- Gadi Evron <[EMAIL PROTECTED]> wrote:
Edward W. Ray wrote:
> Tipping Point IPS is the gold standard these days. Signature-based, which
> annual fee to get the signatures. Signatures are usually weekly at a
> minimum. I use the Unity 50, but they do have Gbps IPS. All of their IPSes
> are "bump-in-the-wire" which means that you do not have to assign an address
> (operates at layer2 instead of layer 3).
Not to say anything about Edward, but this thread is going to be mostly
full of commercial injections.
Except for one network I have been in charge with I have never found the
need for any I[DP]S product and find them an almost complete waste of
time and money.
Gadi.
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
[EMAIL PROTECTED] or [EMAIL PROTECTED]
ferg's tech blog: http://fergdawg.blogspot.com/
