
	Home > Security Tips > Security Buyer's Guide > Products of the Year: Intrusion-detection systems

Security Tips:

EMAIL THIS

TIPS & NEWSLETTERS TOPICS

SECURITY BUYER'S GUIDE

Products of the Year: Intrusion-detection systems

Information Security magazine
01.04.2005
Rating: -4.50- (out of 5)

Digg This!

StumbleUpon

Del.icio.us

GOLD MEDAL: Dragon Intrusion Defense System
Enterasys Networks, www.enterasys.com
Rating: 79

Regardless of where you come down in the "IDS is dead" debate, you have to admit that intrusion detection's role in enterprise security has changed. While perimeter firewall and IPS vendors continue to chip away at the IDS market, IDSes are enjoying a rebirth of sorts as post-hack forensics and real-time threat management tools.

Enterasys' Dragon, our gold winner for IDS, epitomizes the transition of IDSes from "reactive detection" to "proactive correlation." Rather than firing off thousands of alerts based on single-node scanning, Dragon uses multiple virtual sensors to correlate event data from across the network and compare it to collected data on the network's vulnerability posture. The process, managed through Enterasys' Dynamic Intrusion Response (DIR) system, results in more accurate and timely intrusion management, as well as fewer false positives.

IPS vendors have long touted the benefits of stopping, not just detecting, malicious traffic. But many enterprises are reluctant to implement full-scale inline IPS for fear of blocking legitimate traffic. Some users suggest that Dragon's passive scanning combined with DIR attack correlation is a more sensible approach.

"We don't want anything inline but firewalls, routers and load balancers," says a government IT security manager. "So far, the Enterasys IDS has worked best for us."

Not to be overshadowed in the IDS vs. IPS discussion is the importance of customer support. By virtue of being first, IDS vendors have had more experience fine-tuning their support and service to well-identified customer needs. Enterasys has transformed Dragon from a stand-alone IDS to the cornerstone of its network security architecture strategy.

"Enterasys is an innovative company that understands security and how to protect you," says the CISO of another government agency. "It is willing to work with diverse organizational needs."

SILVER MEDAL: Cisco IDS
Cisco Systems, www.cisco.com
Rating: 77

USER COMMENTS: "Cisco does a good job of understanding where our threats are coming from and changing its products to address them."

"Technology-wise, it leads most of the network vendors."

BRONZE MEDAL: RealSecure Network
Internet Security Systems, www.iss.net
Rating: 71

USER COMMENTS: "ISS has a proven IDS infrastructure."

"It's the leader in the IDS market."

MORE 2004 PRODUCTS OF THE YEAR

Rate this Tip
To rate tips, you must be a member of SearchSecurity.com. Register now to start rating these tips. Log in if you are already a member.

BROWSE BY TAG

Security Buyer's Guide, Network Intrusion Detection (IDS), Network Intrusion Detection and Analysis, Enterprise Network Security, VIEW ALL TAGS

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Network Intrusion Detection (IDS)
	Preventing SQL injection attacks: A network admin's perspective
	Lifecycle of a network security vulnerability
	Best Intrusion Prevention and Detection Products
	Rogue AP containment methods
	SIMs tools and tactics for business intelligence
	IPS and IDS deployment strategies
	Know when you need IDS, IPS or both
	Trend Micro to acquire Third Brigade for virtualization, cloud security
	New product aims to control rogue applications that avoid firewalls
	How to perform a network forensic analysis and investigation
	Network Intrusion Detection (IDS) Research

Security Buyer's Guide

Keystroke dynamics makes BioPassword Internet Edition a viable authentication option

Access security with KoolSpan's SecurEdge

NetChk Protect 5.5

Biometrics: Best practices, future trends

2006 Products of the Year: Emerging Technologies

Secure Sphere 2.0

Scan & Deliver: SLAs force service providers and outsources to hit the mark ... or hit the road

Secure remote access: SSH Tectia Manager

Spycatcher Enterprise 3.2

Configuresoft's Enterprise Configuration Manager v4.7

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

computer forensics (SearchSecurity.com)

Diffie-Hellman key exchange (SearchSecurity.com)

Einstein (SearchSecurity.com)

HIDS/NIDS (SearchSecurity.com)

network behavior analysis (SearchSecurity.com)

ultrasound (SearchSecurity.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

Research Solutions for Network Security, Access Control and Security Threats

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Site Index

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2003 - 2009, TechTarget \| Read our Privacy Policy