Third party monitoring for Intrusion Prevention/Detection
Results 1 to 3 of 3

Thread: Third party monitoring for Intrusion Prevention/Detection

  1. #1
    Senior Member
    Join Date
    Aug 2003
    Posts
    224

    Third party monitoring for Intrusion Prevention/Detection

    I've been researching several aspects of security management on different sites and forums lately on my own time to determine where the market is heading for security, IDS, protocol layer scanning, packet analisys etc. Many aspectes of intrustion prevention can easily be accomplished with a variety of tools available for free use, but, this method seems to require a higher amount of human intervention. Central management or console management is more methodical, and would be a possible candidate for putting into production.

    But, looking ahead, it seems that the new market trend will grow into 24/7/365 third party monitoring and tech notification. I'm not really at a point to say which method would most benefit the co I work for, I just see that the importance of having something a system in place will become an urgent issue when we begin to add users, remote agents and office tennants. I'm sure that many of you have reviewed many of the products available, but tell me if you know anything about the below link.
    http://www.cissr.com/products.htm

    After downloading the trial version of Retina, the sales girl has kept calling. So, I eventually make it to Retina local sales guy and then to cissr. If you have any info on these guys, or any thoughts on the subject, let me know.
    There are many rewarding oppurtunities awaiting composure from like minds and great ideas. It in my objective to interconnect great things.

  2. #2
    Senior Member
    Join Date
    Aug 2002
    Posts
    115
    Well since you are in the market, may I suggest you give GFI's LANGuard product suite a once over. They have the Network Security Scanner (N.S.S.), this tool is great for initial system assesment. Another useful tool they have is SELM, the Security Event Log Monitor. We also use this on high priority production systems. These are both run from a console, they are agentless. SELM can tie into a SQL database and email you any instances that you are auditing almost instantly in 'real time'.

    Sorry if it sounds like a sales pitch, but I must say that I am impressed thus far with the services their products provide for the cost. I think we call that 'value'.

    http://www.gfi.com/pages/prodinfo.htm

    Best of luck.
    Civilization. The death of dreams.

  3. #3
    Senior Member
    Join Date
    Aug 2003
    Posts
    224
    Thanks. I will give it a try.....
    There are many rewarding oppurtunities awaiting composure from like minds and great ideas. It in my objective to interconnect great things.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •