Re: IDS, IPS or just rubbish?

Hi Jack Ryan,

Many firewall vendors including us, support this feature for a long time such as SMTP/FTP/POP3/IMAP command filtering, file filtering, HTTP URL, method filtering, RPC program number filtering.

      I feel this capability is not a replacement for IDS/IPSes. Intrusion detection/protection systems provide misuse/exploit attempts apart from selectively terminating the connections

Regards
Ravi

-- 


The views presented in this mail are completely mine. The company is not
responsible for whatsoever.
------------------------------------------------------------------------
Ravi Kumar CH
Rendezvous On Chip (i) Pvt Ltd
Hyderabad, India
Ph: +91-40-2335 1214 / 1175 / 1184

ROC home page <
http://www.roc.co.in>

Jack Ryan wrote:

> I went to the local product launch of Checkpoint FW-1 Next Generation *Artificial Intelligence* the other day and was interested to see that this technology is nothing more than a signature-based IDS that can pass stuff on to the firewall. Funnily enough they call it "Active Defense" which is the same name NAI used to describe Cybercop talking to Gauntlet before they dropped/sold the products.









-------------------------------------------------------------------------------
Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the 
world's premier technical IT security event! 10 tracks, 15 training sessions, 
1,800 delegates from 30 nations including all of the top experts, from CSO's to 
"underground" security specialists.  See for yourself what the buzz is about!  
Early-bird registration ends July 3.  This event will sell out. www.blackhat.com
-------------------------------------------------------------------------------