[178042] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Intrusion Detection recommendations

daemon@ATHENA.MIT.EDU (Richo Healey)
Fri Feb 13 13:05:31 2015

X-Original-To: nanog@nanog.org
Date: Fri, 13 Feb 2015 10:03:31 -0800
From: Richo Healey <richo@psych0tik.net>
To: Mel Beckman <mel@beckman.org>
In-Reply-To: <FA15FF95-B27B-46E1-9E4D-23FB1A31558E@beckman.org>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On 13/02/15 17:45 +0000, Mel Beckman wrote:
>Unless you need regulatory-grade IDS, your best bet is a Unified Threat Management (UTM) appliance, essentially any modern enterprise grade firewall such as a Cisco ASA, Fortigate, SonicWall, etc. These all have built-in IDS/IPS options for a fee.
>
> -mel
>

Flip over these, or ideally watch the talk before deploying an ASA (or some
other black-box security appliance that tries to be All Things to All People)

https://ruxcon.org.au/assets/2014/slides/Breaking%20Bricks%20Ruxcon%202014.pdf

-- 
richo


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[178042] in North American Network Operators' Group

Re: Intrusion Detection recommendations

daemon@ATHENA.MIT.EDU (Richo Healey)Fri Feb 13 13:05:31 2015

daemon@ATHENA.MIT.EDU (Richo Healey)
Fri Feb 13 13:05:31 2015