|
Intrusion Detection Systems (IDS) Group Test (Edition 2) This report has been superseded by IDS Group Test Edition 3 and is no longer available on line. However, it does include reviews of 16 IDS products, many of which are not included in the current Edition. It is available for purchase in CD or print versions. Click here to purchase on line using our secure server. Table of Contents Introduction
Host IDS (HIDS)
Network IDS (NIDS)
Network Node IDS (NNIDS)
Problems with IDS
Detection Methods
The Circle of Strife Product Reviews Cisco Secure IDS V2.5
Architecture
Installation
Configuration
Reporting and Analysis - netForensics
Verdict
Contact Details CA eTrust Intrusion Detection V1.4.5
Architecture
eTrust Intrusion Detection Enterprise
Installation
Configuration
Reporting and Analysis
Verdict
Contact Details CyberSafe Centrax 2.4
Architecture
Installation
Configuration
Policy Definition
Vulnerability Assessment
Policy Application
Scheduler
Reporting and Analysis
Verdict
Contact Details Enterasys Dragon Sensor 4.2
Architecture
Installation
Configuration
Reporting and Analysis
Verdict
Contact Details Entercept 2.01
Architecture
How Does It Work?
Installation
Configuration
Reporting and Analysis
Verdict
Contact Details Intrusion Inc. SecureNet Pro 4.0
Architecture
SecureNet Pro Sensor
SecureNet Pro Console
Communication Architecture
Sensing Architecture
Installation
Configuration
Reporting and Analysis
Verdict
Contact Details ISS Real Secure 5.0
Architecture
Installation
Configuration
Reporting and Analysis
Verdict
Contact Details LanGuard S.E.L.M
Architecture
Installation
Configuration
Reporting and Analysis
Verdict
Contact Details Network Ice BlackIce Sentry
Architecture
Pattern Matching v Protocol Analysis
Installation
Centralised Deployment via InstallPac
Configuration
BlackICE GUI
Firewall
Logging
Management via ICEcap
Reporting and Analysis
Verdict
Contact Details NFR NID-200 V1.1
Architecture
Administration Interface (AI)
Central Management Server (CMS)
NID Sensor
Sensor Engine
Backends
Packages
Installation
Configuration
Reporting and Analysis
Verdict
Contact Details nSecure nPatrol IDS V1.3.2
Architecture
nPatrol Engine
nPatrol Internal Agent
nPatrol External Agent
nPatrol Anomaly Agent
Installation
Configuration
Reporting and Analysis
Verdict
Contact Details Snort 1.8.1
Architecture
Packet Decoder
Detection Engine
Logging & Alerting Subsystem
Installation
Configuration
Reporting and Analysis
Verdict
Contact Details Symantec Intruder Alert 3.5
Architecture
Installation
Configuration
Reporting and Analysis
Event Viewer
Report Generator
Verdict
Contact Details Symantec NetProwler 3.5.1
Architecture
Installation
Configuration
Reporting and Analysis
Verdict
Contact Details Tripwire for Servers V2.4.2
Architecture
Tripwire for Servers
Tripwire Manager
Installation
Configuration
Reporting and Analysis
Verdict
Contact Details Performance Testing
How We Tested
Test Results
Summary - Performance Testing Summary Appendix A - Vendor Questionnaires Appendix B - The Test Equipment Appendix C - The Test Network |
