This is a discussion on Re: [fw-wiz] How should an Internet connection/firewall be designed? - Firewalls ; -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 18 Jan 2007, Dave Piscitello wrote: [SNIP] > >> How many companies still use IDS? > > Depends on your use of the word "use" - lots still have IDS and IPS ...
-----BEGIN PGP SIGNED MESSAGE-----
On Thu, 18 Jan 2007, Dave Piscitello wrote:
>> How many companies still use IDS?
> Depends on your use of the word "use" - lots still have IDS and IPS connected
> to networks. I suspect fewer meaningfully improve their security profile
> because they have dummied them down, or don't use what they monitor. I'm
> among the "A properly configured and administered firewall is often as good
> or better than IDS because it *is* IPS" radicals.
Actually a minor correction or perception here, most implementations of
IDS systems have traditionally been of no real benefit to an organizations
security posture, since the vast majority were and remain placed in a poor
place or position of the security environment to serve any real or
significant purpose, since the vast majority of these were positioned in
front of the firewall on the outside of the perimeter of the network.
Their main purpose being to enhance budgets and head counts.
admin & senior security consultant: sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629
....We waste time looking for the perfect lover
instead of creating the perfect love.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
-----END PGP SIGNATURE-----
firewall-wizards mailing list