http://www.vnunet.com/News/1127283 By James Middleton in Rome 03-12-2001 Open source security products are ready to mount a massive challenge in the intrusion detection market, according to experts. Security consultant NSS Group tested 16 IDS products from big vendors including Cisco, ISS, Computer Associates and Symantec, along with one freeware open source product called Snort. "In our tests Snort was the top performer - we were blown away by it," said Bob Walder, director of the NSS Group. "It was better than all the commercial products we tested." However, he warned that "installing an Open Source product is a lot more work, you have to build on the installation", but the conclusion is that Snort offered a better foundation for IDS. Other experts present at the NetEvents security forum in Rome said that although companies are concerned about the high costs associated with IT security, many think that "good security policy amounts to an expensive enough consultant." David Love, ex-chief of security for NATO Europe and ex-head of security for the RAF, now working for Computer Associates, said: "Nowhere else in the industry is it possible to waste money as quickly as on IT security, especially since 11 September. These people running companies should understand the risks, but they are often of a computer illiterate age." It seems that commercial security vendors may be able to learn a thing or two from the open source community, which may now put pressure on the market by offering a cheap and effective alternative. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Dec 04 2001 - 01:58:32 PST