Test lab recommendations for in-line IPS environment

Unanswered Question
Sep 5th, 2007
User Badges:

In an enterprise using an in-line IPS deployment with CSM/MARS for mgt/mon of IPS devices, what is the recommendation for a lab to test IPS changes (signatures,filters,code,etc) in production? Looking for an enterprise perspective.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
vkapoor5 Tue, 09/11/2007 - 10:15
User Badges:
  • Bronze, 100 points or more

Host-based intrusion detection and prevention devices provide MARS with detailed information about attacks seen at the host level, rather than the network level. They also provide information about the host operating system and successful prevention of attacks, both of which provide more targeted data for false positive analysis.



This Discussion