NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] intrusion detection - benifits?



I think we have beaten this thread to death guys and gals.  We are all
saying the same thing.
IDS inside good.
Outside even better.

-----Original Message-----
From: Chilton Tim [mailto:[email protected]]
Sent: Thursday, November 30, 2000 4:42 AM
To: Pellowski, Tom; [email protected]
Subject: RE: [FW1] intrusion detection - benifits?



Something useful without having to justify it - wow ! - Take it before they
change their minds!

IDS's are great and have provided me with useful information on many
ocasions.

If it's outside your firewall then you can see whats trying to come in, what
the bad guys on the inside and outside are trying to do to others on the
Internet - so you can report attacks to abuse@the_hackers_isp or break some
fingers internally.

I also like IDS's on the internal segmenets since hackers have day-time jobs
too and you probably employ a couple of them.

You may also want to think about how you will diagnose a problem if
something does DoS/Penetrate the firewall or a host in your DMZ.

If it's logged then you know where to start, the type of attack and
therefore how to protect aginst it - you will therefore also see more of
your wife and kids.

Product wise - pick what works for you.

Cheers

Tim

-----Original Message-----
From: Pellowski, Tom [mailto:[email protected]]
Sent: 28 November 2000 13:45
To: fw-1-mailinglist@lists. us. checkpoint. com (E-mail)
Subject: [FW1] intrusion detection - benifits?



Greetings:

I have this question that I would like the community to give me their .02
worth. 

In an arena running Checkpoint (whatever flavor) is it really worth the
time, expense, and possible network performance compromises to put a
separate intrusion detection appliance online in front of the firewall?

I understand that there are tons of "well, you could.." but what I am really
after is "your" opinion. Would you, as the FW admin/engineer, do it.

Obivously I am looking for some backup here as I am having a intrusion
detection package rammed down my throat, and frankly, I don't want it. But
my only defense at this point is that "is something more to manage".

Thanks to all in advance!!!

Tom




============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====
************************************************************************
The information in this email is confidential and is intended solely
for the addressee(s).
Access to this email by anyone else is unauthorised. If you are not
an intended recipient, you must not read, use or disseminate the
information contained in the email.
Any views expressed in this message are those of the individual sender,
except where the sender specifically states them to be the views of
The Capital Markets Company.

http://www.capco.com
***********************************************************************



============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.