Intrusion Detection Systems (IDS) Group Test (Edition 3)
This report has been superseded by IDS Group Test Edition 4 and is no longer available on line. However, it does include reviews of 6 IDS products, some of which are not included in the current Edition. It is available for purchase in CD or print versions.
Table of Contents
Introduction
Host IDS (HIDS)
"Traditional" Host IDS
File Integrity Assessment (FIA)
Intrusion Prevention Systems (IPS)
Network IDS (NIDS)
Network Node IDS (NNIDS)
Problems with IDS
Detection Methods
Pattern Matching
Stateful Pattern Matching
Protocol Decode
Heuristic Analysis
Anomaly Analysis
Which Detection Method Is The Best
The Circle of Strife
Product Reviews
Cisco Secure IDS 4230
Architecture
Installation
Configuration
Reporting and Analysis netForensics
Verdict
Contact Details
Entercept 2.5
Architecture
How Does It Work?
Installation
Configuration
Reporting and Analysis
Verdict
Contact Details
Internet Security Systems RealSecure 7.0
Architecture
RealSecure Network Sensor
RealSecure OS Sensor
RealSecure Server Sensor
RealSecure WorkGroup Manager
WorkGroup Manager Console
WorkGroup Manager Event Collector
WorkGroup Manager Enterprise Database
SiteProtector
RealSecure Fast Analysis
Installation
Configuration
Reporting and Analysis
Fast Analysis
SiteProtector
Verdict
Contact Details
NFR HID 2.0
Architecture
Analyser
Dispatcher
Console
Target Agent
Installation
Configuration
Policy Definition
Vulnerability Assessment
Policy Application
Scheduler
Reporting and Analysis
Verdict
Contact Details
Okena StormWatch 2.1
Architecture
StormWatch Management Control
StormWatch Intelligent Agent
Installation
Configuration
Reporting and Analysis
Verdict
Contact Details
Snort 1.8.6
Architecture
Packet Decoder
Detection Engine
Logging and Alerting Subsystem
Installation
Configuration
Reporting and Analysis
Verdict
Contact Details
Performance Testing
The Test Environment
Network IDS Testing Procedure
NIDS Test 1 - Attack Recognition
NIDS Test 2 - Performance Under Load
NIDS Test 3 - IDS Evasion Techniques
NIDS Test 4 - Stateful Operation Test
Host IDS Testing Procedure
HIDS Test 1 - The Attack
HIDS Test 2 - Forensic Investigation
Intrusion Prevention System Testing Procedure
HIP Test 1 - The Attack
HIP Test 2 - Forensic Investigation
NIDS Test Results
Cisco Secure IDS 4230
Internet Security Systems RealSecure 7.0
Snort 1.8.6
HIDS/IPS Test Results
Entercept 2.5
NFR HID 2.0
Okena StormWatch 2.1
Summary
Appendix A - Vendor Questionnaires
Appendix B - The Test Equipment
Spirent Communications SmartBits SMB-6000/SMB600
SmartBits Applications
Caw Networks WebAvalanche and WebReflector
Network Critical Taps