Upcoming Events

Cloud Connect
Santa Clara
Feb 13-16, 2012

Cloud Connect brings together the entire cloud eco-system to better understand the transformation we're experiencing and promises to be the defining event of the cloud computing industry. Learn about the latest cloud technologies and platforms from thought leaders in Cloud Connect’s comprehensive conference.

Register Now!

More Events »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

Vendor NewsFeed

More Vendor NewsFeed »

Letters
F E A T U R E  
To Catch a Thief

  August 20, 2001
  By Patrick Mueller and Greg Shipley

Executive Summary

Intrusion Detection

Have you ever known an expensive, purebred guard dog that was well-trained, except someone forgot to teach it not to take goodies from strangers? Your average thief will get his ass bit, but a smart intruder bearing big, juicy steak could slide right past the pooch.

So it goes with the 10 IDSes we tested on our Bruisernet, at DePaul University in Chicago. Today's intrusion-detection products come at purebred prices and are all high-maintenance, requiring considerable manpower to maintain. For the most part, they will stop run-of-the-mill attacks, but experienced hackers will likely find a way in. That's the bad news. The good news is that the market has made strides, and IDS products are improving all the time.

In what may well be the most comprehensive test of IDSes ever, we deployed Cisco Systems' Secure IDS, Computer Associates International's eTrust, CyberSafe Corp.'s Centrax, Enterasys Networks' Dragon, Internet Security Systems' Black ICE (ISS acquired NetworkICE Corp. in April), ISS' RealSecure, Intrusion.com's SecureNet Pro, NFR Security's Intrusion Detection System (we also looked at Anzen Computing's FlightJacket, which was acquired by NFR in June), the open-source Snort and Symantec Corp.'s NetProwler (formerly Axent Technologies' NetProwler; Axent was acquired by Symantec in December 2000).

The test site was DePaul's network, which comprises more than 10,000 nodes with a mishmash of platforms and end users. The network averages about 38-Mbps Internet throughput, with traffic ranging between 5,000 and 7,000 packets per second. Sounds tame enough, but it chewed up and spit out many of the products within hours.

When all was said and done, we gave Dragon our Editor's Choice award. Simply stated, it did what it was supposed to do, it didn't blow up constantly, and it is suitable for large environments. Bottom line: These systems can be worthwhile; you just need to go into it with your eyes open, have realistic expectations and choose the solution that's the best fit for your environment.


   Page: 1 | 2 | 3 | Next Page

Research and Reports

Hypervisor Derby
August 2011
Network Computing: August 2011

Video


WATCH: Box.net CEO Aaron Levie Takes On Microsoft

WATCH: HP Chairman Ray Lane: Focus On Innovation

WATCH: How OpenFlow Changes Networking


View All Videos
Previous Page First Page Second Page Third Page Next Page

Most Popular

Stories Blogs

More Stories »

Featured Whitepapers

Featured Reports

BlogRoll

TechWeb Careers