[89675] in North American Network Operators' Group
Re: recommendations regarding IPS
daemon@ATHENA.MIT.EDU (Gadi Evron)
Fri Mar 31 20:48:58 2006
Date: Sat, 01 Apr 2006 04:46:27 +0200
From: Gadi Evron <ge@linuxbox.org>
To: "Edward W. Ray" <spamjail@mmicman.com>
Cc: "'Hegger, Stefan'" <Stefan.Hegger@lycos-europe.com>,
"'Robert E.Seastrom'" <rs@seastrom.com>, nanog@merit.edu
In-Reply-To: <016e01c65513$24452a50$2601a8c0@mmicmanhomenet.local>
Errors-To: owner-nanog@merit.edu
Edward W. Ray wrote:
> Tipping Point IPS is the gold standard these days. Signature-based, which
> annual fee to get the signatures. Signatures are usually weekly at a
> minimum. I use the Unity 50, but they do have Gbps IPS. All of their IPSes
> are "bump-in-the-wire" which means that you do not have to assign an address
> (operates at layer2 instead of layer 3).
Not to say anything about Edward, but this thread is going to be mostly
full of commercial injections.
Except for one network I have been in charge with I have never found the
need for any I[DP]S product and find them an almost complete waste of
time and money.
Gadi.
