Intrusion Detection Systems (IDS) Group Test (Edition 3)

This report has been superseded by IDS Group Test Edition 4 and is no longer available online. However, it does include reviews of 6 IDS products, some of which are not included in the current Edition. It is available for purchase in CD or print versions.

Table of Contents

Introduction
    Host IDS (HIDS)
        "Traditional" Host IDS
        File Integrity Assessment (FIA)
    Intrusion Prevention Systems (IPS)
    Network IDS (NIDS)
    Network Node IDS (NNIDS)
    Problems with IDS

Detection Methods
    Pattern Matching
    Stateful Pattern Matching
    Protocol Decode
    Heuristic Analysis
    Anomaly Analysis
    Which Detection Method Is The Best
    The Circle of Strife

Product Reviews
    Cisco Secure IDS 4230
        Architecture
        Installation
        Configuration
        Reporting and Analysis
            netForensics
        Verdict
        Contact Details
    Entercept 2.5
        Architecture
            How Does It Work?
        Installation
        Configuration
        Reporting and Analysis
        Verdict
        Contact Details
    Internet Security Systems RealSecure 7.0
        Architecture
            RealSecure Network Sensor
            RealSecure OS Sensor
            RealSecure Server Sensor
            RealSecure WorkGroup Manager
                WorkGroup Manager Console
                WorkGroup Manager Event Collector
                WorkGroup Manager Enterprise Database
            SiteProtector
            RealSecure Fast Analysis
        Installation
        Configuration
        Reporting and Analysis
            Fast Analysis
            SiteProtector
        Verdict
        Contact Details
    NFR HID 2.0
        Architecture
            Analyser
            Dispatcher
            Console
            Target Agent
        Installation
        Configuration
            Policy Definition
            Vulnerability Assessment
            Policy Application
            Scheduler
        Reporting and Analysis
        Verdict
        Contact Details
    Okena StormWatch 2.1
        Architecture
            StormWatch Management Control
            StormWatch Intelligent Agent
        Installation
        Configuration
        Reporting and Analysis
        Verdict
        Contact Details
    Snort 1.8.6
        Architecture
            Packet Decoder
            Detection Engine
            Logging and Alerting Subsystem
        Installation
        Configuration
        Reporting and Analysis
        Verdict
        Contact Details

Performance Testing
    The Test Environment
    Network IDS Testing Procedure
        NIDS Test 1 - Attack Recognition
        NIDS Test 2 - Performance Under Load
        NIDS Test 3 - IDS Evasion Techniques
        NIDS Test 4 - Stateful Operation Test
    Host IDS Testing Procedure
        HIDS Test 1 - The Attack
        HIDS Test 2 - Forensic Investigation
    Intrusion Prevention System Testing Procedure
        HIP Test 1 - The Attack
        HIP Test 2 - Forensic Investigation
    NIDS Test Results
        Cisco Secure IDS 4230
        Internet Security Systems RealSecure 7.0
        Snort 1.8.6
    HIDS/IPS Test Results
        Entercept 2.5
        NFR HID 2.0
        Okena StormWatch 2.1
    Summary

Appendix A - Vendor Questionnaires

Appendix B - The Test Equipment
    Spirent Communications SmartBits SMB-6000/SMB600
        SmartBits Applications
    Caw Networks WebAvalanche and WebReflector
    Network Critical Taps