Problem solve Get help with specific problems with your technologies, process and projects.

Choosing the 'hottest' IPS on the market

What are the 'hottest' host-based IPSes available on the market?
Determining the "hottest" IPSes is really based on your company's needs and business requirements. Although a few IDS/IPS companies have huge advertising budgets, it doesn't mean they are the best. Our industry has to get by what we call the executive decision to use a product because of an advertisement or article.

Here are some IDS/IPS vendors:

There are many others IDS vendors. I recommend getting your business requirements, budget and other needs together. (In other words, get a request for proposal RFP. You can use www.sans.org if you do not have a good one) Research some of the online papers at on SearchSecurity, view some webcasts, and other papers, and then make a decision on three vendors. Contact those three vendors and have them present to you why they are the best. They should be able to provide the following:

  • 24 X 7 support
  • Upgrades in a timely manner
  • Signatures in a timely manger (like virus)
  • Excellent documentation
  • Excellent training
  • More than only one expert person on staff (don't be fooled with lower-level people)
Finally, ask around, attend ISSA meetings or other free security groups in your area.
For more info on this topic, visit these SearchSecurity.com resources:
  • Network Security Tip: Webcast Q&A -- IDS vs. IPS
  • Ask the Expert: The ABCs of intrusion detection
  • Guest Commentary: Intrusion detection is not dead but evolving into intrusion prevention
  • This was last published in July 2004

    Dig Deeper on Network intrusion detection and prevention (IDS-IPS)

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.