IDS Test 1 � Attack Recognition

Attacks

Detected

Port scans

5

5

Denial of Service�

20

19

DDOS/Trojan

6

6

Web

12

12

FTP

7

7

SMTP

4

4

POP3

2

2

ICMP

2

2

Finger

8

8

Total

66

65

IDS Test 2 - Performance Under Load

0%

25%

50%

75%

100%

Small (64 byte) packet test (max 148,000pps)

100%

100%

100%

100%

92%

�Real world� packet test (max 57,000pps)

100%

100%

100%

100%

100%

Large (1514 byte) packet test (max 8176pps)

100%

100%

100%

100%

100%

IDS Test 3 - IDS Evasion Techniques

Attacks

Detected

Fragrouter

8

8

Whisker�

7

7

Total

15

15

IDS Test 4 - Stateful Operation

Attacks

Vulnerable?

Stick

1

No¹

Snot�

1

No¹

Notes:

1.�� Bad port monitor must be switched off otherwise Stick/Snot causes bad port traffic alerts on port 0

�

The latest release of the NFR NID-200 (incorporating the Anzen Flight Jacket technology acquired from Anzen Computing earlier this year) demonstrates exceptional attack recognition capabilities. This product clearly sets the pace for the competition in our more stringent Edition 2 tests, missing just one attack to score an impressive 98 per cent attack recognition rate.

It also managed 100 per cent detection rates across almost all network loads, tripping up only slightly in the small packet tests where it still achieved an exceptional 92 per cent. A perfect score in the �real world� tests is the key result, however. The stateful architecture makes it accurate and fast, and it proved resistant to all our IDS evasion techniques.

The console is not the most intuitive of those we tested, and reporting and alerting can be cumbersome at times. Most of the information you require is there, however, if you are prepared to dig for it using the Query tool.

Click here to return to the NFR NID-200 V1.1 Review
Click here to return to the NFR NID-200 V1.1 Questionnaire�
Click here to return to the IDS Index Section

Send mail to webmaster with questions or�
comments about this web site.
Copyright � 1991-2002 The NSS Group.
All rights reserved.