Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IDS - Intrusion Detection System - What is the best? 1

Status
Not open for further replies.
araspa

araspa

IS-IT--Management
Joined
Aug 4, 2003
Messages
18
Location
AU
What are the 3 top vendors of an IDS solution?
I have a budget of $30k AUD (Australian) What dedicated IDS product would I choose? (No linux boxes here with snort or hogwash) has to be a dedicated IDS.

Just to add a paradox! If I only had $10K which one would I buy?
 
Sort by date Sort by votes
Host based or network based? Best is to use both. For host based, Tripwire is hard to beat for value. The commercial version, not the free Linux version.

Network gets tougher. The good ones will set you back 40 to 60K. Under 10K? Get a linux box with some version of Snort.. I know you said you did not want it but there are "commercial" versions of IDS sensors that Snort as the underpinnings. The problem is the box needs to have horsepower to look at EVERY packet and match it..speed cost money, how fast do you want to go?

Tighten up your specs and I'm sure we can focus in on what might meet the needs.

MikeS

Find me at
"Take advantage of the enemy's unreadiness, make your way by unexpected routes, and attack unguarded spots."
Sun Tzu
 
Upvote 0 Downvote
Thanks Mike,

.... yup its has to be network. What about
Cisco, they have another IDS that costs about $30000

Cisco Pix Firewall
PDM 3.0(1)
IOS 6.3(1)
This runs in high availability with unlimited lics.
One flaw with this system is that to update ruleset you
need to upgrade IOS
Open source products such as Snort, Hogwash overcome
this issue, but then again this is open source so you
need to be careful with updates (Open source product
are generally not accepted by corporate organisations)
there is also this but too expensive

IDS-4210-K9 4210 Sensor (Chassis, s/w, two
10/100 ports, up to 45Mbps) 10% C $17,898

IDS-4235-K9 4235 Sensor(chassis, s/w, SSH,
10/100/1000BaseT w/ RJ-45) 10% C $27,966

IDS-4250-TX-K9 4250 Sensor (chassis, s/w,
SSH,
10/100/1000BaseT w/ RJ-45) 10% C $55,932

IDS-4250-SX-K9 4250 Sensor (chassis, s/w,
SSH,
1000BaseSX w/ SC connector) 10% C $60,406

IDS-4250-SX-INT= 1000BaseSX Monitoring
Interface w/ SC connector 10% C $5,593

IDS-4250-XL-K9 IDS 4250 chassis, s/w, IDS
Accelera

Cheers
Anthony
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

WinstonCH
  • Locked
  • Helpful tip Helpful tip
What is wrong with the diagram, there are people who will help to fix it? How do i do the configurat
Replies
1
Views
925
BIS
BIS
woza
  • Locked
  • Question Question
GNS3: Delete the lines "transport preferred none"
Replies
1
Views
758
DrB0b
DrB0b
jobsp90
  • Locked
  • Question Question
I have a issue in my office hospital network regarding using IPPBX software.
Replies
2
Views
548
DavetheChef
DavetheChef
CPM86
  • Locked
  • Question Question
Cisco isr 4331 with IOS and sip busy fail over to 2nd sip number on pbx?
Replies
0
Views
574
CPM86
CPM86
Lccarter
  • Locked
  • Question Question
Cisco CUCM Provisioning and Order Management System
Replies
1
Views
478
Lccarter
Lccarter

Part and Inventory Search

Sponsor

Back
Top