Unanswered Question
Feb 8th, 2008

Can anyone clearly differenciate between the MARS & IPS?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
srue Fri, 02/08/2008 - 10:20

MARS is a centralized logging device with additional functionality. IPS is an intrusion detection/prevention appliance.

is that enough, or were you hoping for more insight?

zubairjalal Fri, 02/08/2008 - 23:12

Mars is a correlation engine. i.e it takes logs from all devices in the network like routers,switches,IPS,application servers,firewalls etc. After taking the logs, it correlates the events and creates an incident out of those events. In Mars you also can see the actual path of the attack and you can mitigate the attack by sending Mars recommended conifguration to the devices.




This Discussion