
Gigabit Intrusion Detection Systems 

Group Test (Edition 1)

This report has been superseded by Gigabit IDS Group Test Edition 2 and is no longer available online. However, it does include reviews of 5 IDS products, some of which are not included in the current Edition. It is available for purchase in CD or print versions.


Table of Contents

Introduction
Host IDS (HIDS)
'Traditional' Host IDS (HIDS)
File Integrity Assessment (FIA)
Network IDS (NIDS)
Network Node IDS (NNIDS)
Intrusion Prevention Systems (IPS)
Host IPS (HIPS)
Network IPS (NIPS)
Gigabit IDS
Which Technology Is The Best
Problems with IDS
Detection Methods
Pattern Matching
Stateful Pattern Matching
Protocol Decode
Heuristic Analysis
Anomaly Analysis
Which Detection Method Is The Best
Monitor-Evaluate-Modify: The Security Cycle
 

Product Reviews

Cisco IDS V4.0
Architecture
Installation
Configuration
Alert Handling
Reporting and Analysis
Verdict
Contact Details

Internet Security Systems RealSecure 7.0 Gigabit Sensor
Architecture
RealSecure Network Sensor
RealSecure OS Sensor
RealSecure Server Sensor
RealSecure Workgroup Manager
Workgroup Manager Console
Workgroup Manager Event Collector
Workgroup Manager Enterprise Database
Workgroup Manager Asset Database
SiteProtector
RealSecure FastAnalysis
Installation
Configuration
Reporting and Analysis
FastAnalysis
SiteProtector
Verdict
Contact Details

Intrusion SecureNet 7145C V4.3
Architecture
SecureNet Sensor
SecureNet Linux Console
SecureNet Provider
Web Browser Interface (WBI)
Command Line Interface (CLI)
Stateful Intrusion Detection Engine
Protocol Decode Engine
Network Grep Engine
Installation
Configuration
Alert Handling
Reporting and Analysis
Verdict
Contact Details

IntruVert IntruShield 4000 V1.2
Architecture
The IntruShield 2600 Sensor
The IntruShield 4000 Sensor
Monitoring Modes
Detection Engine
Virtual IDS (VIDS)
Hardware Acceleration
IntruShield Security Management System (ISM)
IntruVert Update Server
Installation
SPAN/Hub Operating Mode
Tap Operating Mode
In-Line Mode
Configuration
Alert Handling
Reporting and Analysis
Verdict
Contact Details

Symantec ManHunt V2.11
Architecture
ManHunt Sensor
FlowChaser
Handoff Receiver
MSA Event Coordinator
Analysis Framework
Reporting Module
ManHunt Clusters
Fail Over Groups
Communication Between Hosts
Installation
Configuration
Alert Handling
Reporting and Analysis
Incident and Event Logs
Verdict
Contact Details

Performance Testing

The Test Environment
NIDS Test 1 - Attack Recognition
NIDS Test 2 - Performance Under Load
NIDS Test 3 - IDS Evasion Techniques
NIDS Test 4 - Stateful Operation

Test Results

Cisco IDS V4.0
Internet Security Systems RealSecure 7.0 Gigabit Sensor
Intrusion SecureNet 7145C V4.3
IntruVert IntruShield 4000 V1.2
Symantec ManHunt 2.11

Summary

Appendix A - Vendor Questionnaires

Appendix B - The Test Equipment
Spirent Communications SmartBits
SmartBits Applications
Caw Networks WebAvalanche and WebReflector
Network Critical Taps


Copyright © 1991-2006 The NSS Group Ltd.
All rights reserved.