In many respects, an IDS functions in the same way as a firewall, but at a greater level of granularity. An IDS monitors all network assets, collating all access and usage, either for immediate action or as part of a longer term strategy. IDSs not only monitor ‘traditional’ security attacks, but can also build up a detailed picture of an attacker’s behavior, creating a modus operandi that can be used for future detection and protection.

Like most developments in the security arena, intrusion detection unsurprisingly began as a project for the U.S. government. Back in 1980, a white paper by security consultant James P. Anderson, entitled Computer Security Threat Monitoring and Surveillance, was the first real investigation into the importance of audit trails in any computer system. Although it focussed on the security issues surrounding mainframes - specifically those in government use - the implications have formed the basis of today’s intrusion detection systems. And here are some of the best.

IDS Product Details

Cyclops IDS 1.6
Company: e-Cop.net
Details: An extremely powerful appliance-based product with a host of additional security features as standard.
URL: www.e-cop.net

Entercept 2.0
Company: Entercept Security Technologies
Details: Uses a combination of behavioral rules and signatures to prevent both known and unknown attacks from damaging your enterprise servers in real time.
URL: www.entercept.com/products

IDS Balancer 3500 Appliance
Company: Top Layer Networks, Inc.
Details: This product distributes workloads among multiple intrusion detection systems and supports both enterprise and service provider networks.
URL: www.toplayer.com

IDS Informer 3
Company: Blade Software
Details: This product has been designed to test and confirm that intrusion detection systems deployed as a critical line of defense are working correctly. Now in version 3.1.6.
URL: www.blade-software.com

ManHunt Appliance 2.0
Company: Symantec Corporation
Details: Now Symantec ManHunt, the product will arm your enterprise with timely detection and critical information, enabling you to contain attacks and mitigate potential damage.
URL: http://enterprisesecurity.symantec.com

NFR NID-200 1.1
Company: NFR Security
Details: Monitors traffic unobtrusively in real time for suspicious activity, misuse, abuse, attacks, anomalous behavior and previously undiscovered attacks.
URL: www.nfr.com

SecoShield 3.0
Company: Secos Inc.
Details: Reads network traffic looking for patterns of attacks or signatures and, if it detects malicious activity, responds by destroying the attacker's access.
URL: www.secos.com

About the Best of 2002

This listing has been compiled from the top products reviewed in all three editions of SC Magazine and Online during 2002.

Copyright © West Coast Publishing. All rights reserved.