[ISN] Open source mounts IDS challenge

From: InfoSec News (isnat_private)
Date: Tue Dec 04 2001 - 00:42:35 PST

  • Next message: InfoSec News: "[ISN] Linux Security Week - December 3, 2001"

    By James Middleton in Rome 
    Open source security products are ready to mount a massive challenge
    in the intrusion detection market, according to experts.
    Security consultant NSS Group tested 16 IDS products from big vendors
    including Cisco, ISS, Computer Associates and Symantec, along with one
    freeware open source product called Snort.
    "In our tests Snort was the top performer - we were blown away by it,"
    said Bob Walder, director of the NSS Group. "It was better than all
    the commercial products we tested."
    However, he warned that "installing an Open Source product is a lot
    more work, you have to build on the installation", but the conclusion
    is that Snort offered a better foundation for IDS.
    Other experts present at the NetEvents security forum in Rome said
    that although companies are concerned about the high costs associated
    with IT security, many think that "good security policy amounts to an
    expensive enough consultant."
    David Love, ex-chief of security for NATO Europe and ex-head of
    security for the RAF, now working for Computer Associates, said:
    "Nowhere else in the industry is it possible to waste money as quickly
    as on IT security, especially since 11 September. These people running
    companies should understand the risks, but they are often of a
    computer illiterate age."
    It seems that commercial security vendors may be able to learn a thing
    or two from the open source community, which may now put pressure on
    the market by offering a cheap and effective alternative.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Tue Dec 04 2001 - 01:58:32 PST