RE: [Snort-users] Appliances using free software
This is a discussion on RE: [Snort-users] Appliances using free software within the Snort forums, part of the System Security and Security Related category; Maybe someone from ISS or someone who uses Site Protector here can jump in, perhaps ISS doesn't support Snort ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
08-11-2005
|
|||
|
|||
RE: [Snort-users] Appliances using free software
Maybe someone from ISS or someone who uses Site Protector here can jump in,
perhaps ISS doesn't support Snort alerts.. but I do know they allow you to use Snort signatures but was told by an ISS sales rep once upon a time ago that they can't guarantee the performance anymore when using them. Looking at the ISS site, I don't see anything on that anymore -- perhaps they killed it? Anyone here use it and can say for sure if it supports Snort alerts or not? I do agree with Paul though, you can not manage Snort from Site Protector. Best Regards, Eric Hines, GCIA, CISSP CEO, President, Chairman Applied Watch Technologies, LLC 1095 Pingree Rd. Suite 213 Crystal Lake, IL 60014 Tel: (877) 262-7593 e:327 Fax: (877) 262-7593 Mob: (847) 456-6785 Web: http://www.appliedwatch.com ---------------------------------------------------------------------------- - Enterprise Snort Management at http://www.appliedwatch.com. Security Information Management for the Open Source Enterprise. ---------------------------------------------------------------------------- - -----Original Message----- From: Paul Schmehl [mailto:pauls@utdallas.edu] Sent: Thursday, August 11, 2005 3:52 PM To: Jeff Dell; 'Eric Hines'; 'Gutemberg A. Vieira'; snort-users@lists.sourceforge.net Subject: RE: [Snort-users] Appliances using free software --On Thursday, August 11, 2005 16:10:04 -0400 Jeff Dell <jdell@activeworx.com> wrote: > I thought we were done with the marketing on this list... > >> Unlike Sourcefire, we allow you to use the free, open source version >> of Snort instead of requiring our appliance purchase. > > Before you say what a competitor can or can't do in a public forum you > should really check to see if it is true. > > From: http://www.sourcefire.com/products/is_agent.html > > The Sourcefire Intrusion Agent allows open source Snort users to do > more than just detect intrusions; it enables a single Sourcefire > Defense Center to aggregate event information from one or more Snort > sensors alongside data from Sourcefire Intrusion Sensors and Sourcefire RNA sensors. > Well, yeah, but *his* question was, "It is possible to manage snort agents IDS/IPS using a ISS console?" The "ISS console" he refers to is Site Protector, and I doubt seriously that you can manage snort sensors with it. However, you *might* be able to integrate the *data* from snort sensors into the Site Protector interface. I don't know that for certain, so you'd have to check the docs. Paul Schmehl (pauls@utdallas.edu) Adjunct Information Security Officer University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/ir/security/ ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
