Hosting Provided By

AW: General term for Gateway IDS, IDP, IPS ...

From: Liesen, Detmar (LDS) <Detmar.Liesen(at)lds.nrw.de>
Date: Thu Jun 05 2003 - 02:56:17 EDT

Although people call their products "Intrusion Prevention Systems" this is a misleading term.
IMHO prevention is something you are doing _before_ attacks occur, like patching your systems and doing vulnerability-checks. A better term would be attack-blocking system or something similar.

A general term for all those Gateway-IDS-like systems can be derived from the deployment-method.
Other than passive IDS, which is attached to the network, the systems known as IPS, IDP and Gateway-IDS are deployed inline.

So a general term for this kind of systems could be the term In-Line-IDS, which does not provide for such a cool abbreviation for marketing, I know... But using this term, everyone understands what kind of system you are talking about.

Those who don't know such systems can imagine what is meant from the word in-line.

What methods of attack detection and countermeasures are supported varys from product to product.

I hope this helps.

Greetings,
Detmar

-----Ursprungliche Nachricht-----
Von: Masamichi Tateoka [mailto:tateoka@yasai.forus.or.jp] Gesendet: Mittwoch, 4. Juni 2003 16:54
An: focus-ids@securityfocus.com
Betreff: General term for Gateway IDS, IDP, IPS ...

Do you need help?

Hi,

I'd like to know the general term for Gateway IDS, IDP, IPS ...

Last year, it was discussed about Gateway IDS
- the device that work like a firewall but additionally can block packets
after an correlation with IDS signatures - on this ML.

Now, there are some commercial products, NetScreen NetScreen-IDP, Symantec Symantec Gateway Security,TopLayer Attack Mitigator IPS, and Sanctum AppShield.
Actually I also made MAGNIA2000Ri/Anti-Hacker for Toshiba Corp. ( http://cn.toshiba.co.jp/prod/iaserver/magnia/2000ri/anti/index.htm Sorry Japanese page only.)

I'd like to know the general term for these device. Now I explain my product like this,
"The device for protect Web Server from the attack that we can't protect by firewall." ( Too long!! X-( )

I know NetScreen call their products "Intrusion Detectsion and Prevention solution."
And also TopLayer call their products
"Intrusion Prevention Solutions."
But It seems there terms are not so common.

Any suggestion is welcome.

Thank you.

                                  Masamichi Tateoka
                                  ( tateoka@yasai.forus.or.jp )

-------------------------------------------------------------------------------

INTRUSION PREVENTION: READY FOR PRIME TIME? IntruShield now offers unprecedented Intrusion IntelligenceTM capabilities
- including intrusion identification, relevancy, direction, impact and analysis

enabling a path to prevention.

Do you need more help?

Download the latest white paper "Intrusion Prevention: Myths, Challenges, and Requirements" at:
http://www.securityfocus.com/IntruVert-focus-ids2

enabling a path to prevention.

Download the latest white paper "Intrusion Prevention: Myths, Challenges, and Requirements" at: http://www.securityfocus.com/IntruVert-focus-ids2

Received on Thu Jun 5 18:27:55 2003

This message: [ Message body ]
Next message: Matthew s Barnes: "Re: IDS CENTER QUESTION"
In reply to Ravi: "Help in evaluating Inline IDS/IPS solution"
Next in thread: stefmit: "Re: AW: General term for Gateway IDS, IDP, IPS ..."
Reply: stefmit: "Re: AW: General term for Gateway IDS, IDP, IPS ..."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:13 EDT