IDS-IPS Recommendations

I am looking at installing an IDS or IPS system for a small
company (150
computers) the is very security conscious.   Since I am very
familiar with
Cisco am looking at a Cisco ASA5510 IPS edition.   

What are your experiences with the 5510?  What are the real
life good and
bad points of this system?

What other systems should I consider?  

My budget is $10.000.

Thanks for your help,





-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

how much traffic are we talking about
~2Mb+ ??

Al Cooper wrote:
> I am looking at installing an IDS or IPS system for a
small company (150
> computers) the is very security conscious.   Since I am
very familiar with
> Cisco am looking at a Cisco ASA5510 IPS edition.   
> 
> What are your experiences with the 5510?  What are the
real life good and
> bad points of this system?
> 
> What other systems should I consider?  
> 
> My budget is $10.000.
> 
> Thanks for your help,
> 
> 
> 
> 
> 

There are only about 150 users so we are not talking about a
lot of traffic.
I would guess less than 5MB.

-----Original Message-----
From: jeffrey rivero [mailto:jeffr76yahoo.com] 
Sent: Thursday, October 18, 2007 9:35 AM
To: Al Cooper
Cc: security-basicssecurityfocus.com
Subject: Re: IDS-IPS Recommendations

how much traffic are we talking about
~2Mb+ ??

Al Cooper wrote:
> I am looking at installing an IDS or IPS system for a
small company (150
> computers) the is very security conscious.   Since I am
very familiar with
> Cisco am looking at a Cisco ASA5510 IPS edition.   
> 
> What are your experiences with the 5510?  What are the
real life good and
> bad points of this system?
> 
> What other systems should I consider?  
> 
> My budget is $10.000.
> 
> Thanks for your help,
> 
> 
> 
> 
> 

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Check out this article by Gartner on IPSs.

Particularly the magic quadrant.
http://www.sourcefire.com/resources/down
loads/public/SF_gartner07.pdf?a=
1&b=2

-----------
Albert
 

-----Original Message-----
From: listbouncesecurityfocus.com [mailto:listbouncesecurityfocus.com]
On Behalf Of Al Cooper
Sent: Wednesday, October 17, 2007 5:43 PM
To: security-basicssecurityfocus.com
Subject: IDS-IPS Recommendations

I am looking at installing an IDS or IPS system for a small
company (150
computers) the is very security conscious.   Since I am very
familiar
with
Cisco am looking at a Cisco ASA5510 IPS edition.   

What are your experiences with the 5510?  What are the real
life good
and bad points of this system?

What other systems should I consider?  

My budget is $10.000.

Thanks for your help,





--
This message has been scanned for viruses and dangerous
content by
MailScanner, and is believed to be clean.

is this in addition to a current firewall or in place of
one
there are a few good ones out there
Cisco is great but they can be harder to maintain for the
non cisco-it's
have a look at SNORT (open source easy to use, ACID, or BASE
can help 
(we use the ACID console)
there are embedded solutions that will make the setup a
snap
we currently have 1 cisco device and 3 SNORT boxes
snort is a nice IDS but it does take a bit of power to run
it
we hover at about 8Mb and our boarder snort box (cel 2.x 256
M ram) was 
vary busy it has been upgraded to duel optrons and now
screams

www.Astaro.com has a nice Snort setup have a look at them

Al Cooper wrote:
> There are only about 150 users so we are not talking
about a lot of traffic.
> I would guess less than 5MB.
> 
> -----Original Message-----
> From: jeffrey rivero [mailto:jeffr76yahoo.com] 
> Sent: Thursday, October 18, 2007 9:35 AM
> To: Al Cooper
> Cc: security-basicssecurityfocus.com
> Subject: Re: IDS-IPS Recommendations
> 
> how much traffic are we talking about
> ~2Mb+ ??
> 
> Al Cooper wrote:
>> I am looking at installing an IDS or IPS system for
a small company (150
>> computers) the is very security conscious.   Since
I am very familiar with
>> Cisco am looking at a Cisco ASA5510 IPS edition.  

>>
>> What are your experiences with the 5510?  What are
the real life good and
>> bad points of this system?
>>
>> What other systems should I consider?  
>>
>> My budget is $10.000.
>>
>> Thanks for your help,
>>
>>
>>
>>
>>
> 

Hi,

I use a bridged (stealth) Snort inline as IPS, and it works
great for the 
amount of traffic we handle here ( +- 2Mbs).If you subscribe
for rules 
update you will have a very powerfull IPS system. It can be
configured to 
run with PIX and Cisco routers also ( Snortsam).

David Almada
----- Original Message ----- 
From: "Al Cooper" <cooperhmcnetworks.com>
To: <security-basicssecurityfocus.com>
Sent: Wednesday, October 17, 2007 9:43 PM
Subject: IDS-IPS Recommendations


>I am looking at installing an IDS or IPS system for a
small company (150
> computers) the is very security conscious.   Since I am
very familiar with
> Cisco am looking at a Cisco ASA5510 IPS edition.
>
> What are your experiences with the 5510?  What are the
real life good and
> bad points of this system?
>
> What other systems should I consider?
>
> My budget is $10.000.
>
> Thanks for your help,
>
>
>
>
>
> -- 
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.