Educational Incident Data Comparison Pilot (X-Post)

From: Alfred Huger (alfred_hugerat_private)
Date: Tue Apr 01 2003 - 15:50:44 PST

Next message: Stuart Wallace: "RE: Why alerts on ports 1025-1029, 1036"

Previous message: Dan Hanson: "New Article: U.S. Information Security Law, Part 2"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello all,

Symantec is starting a free pilot program for Educational institutions
around to world to compare their Firewall and IDS incident data.  In
specific the pilot will allow for educational facilities to contrast their
own Incident data with that of other educational facilities, and the rest
of the world, on a near real-time basis.  With this reporting, pilot users
will be able to obtain detailed statistics on how their organization
contrasts the rest of the world.  They will be able to run granular
reports, including reports on specific attackers and event types (IDS and
Firewall).  These reports will provide a comparison of attacks targetting
your own network, contrasted with those seen by other users within the
DeepSight Threat Management System.  The DeepSight Threat Management System
currently monitors data from educational institutions in over 50 countries.
In addition to this pilot users get full (free) access to the DeepSight
Threat Management System . More can be read about this system at:

http://enterprisesecurity.symantec.com/products/products.cfm?ProductID=158&EID=0

The basic requirements for this Pilot are as follows:

1. You must be an educational institution
2. You must run one of the supported IDS or Firewall systems, configured on
an external network interface, exposed to the Internet.

 BlackIce 2.0-3.x
 Cisco IOS 12.x
 Cisco PIX 4.2-5.1
 Cisco Secure IDS (Netranger) 2.5-3.0
 Enterasys Dragon 4.2.2
 Check Point Firewall-1 Next Generation, NG
 IP Chains
 IPF
 NetProwler  3.5x
 NetScreen 200, 100, 50, 25, 5XP
 RealSecure 3.1-5.5, 6.00-7.0
 Snort 1.6-1.9.x
 Snort Portscan 1.6-1.9.x
 ZoneAlarm 2.6.0

3. You must be willing to contribute this data to the system for comparison
on a timely basis.
4. You must have a minimum of 20,000 IP addresses monitored.

If you are interested in this Pilot please mail me directly and I will
respond including more specific data including sample reports, screenshots
etc.


Alfred Huger
Senior Director, Engineering
Symantec



----------------------------------------------------------------------------
Powerful Anti-Spam Management and More...
SurfControl E-mail Filter puts the brakes on spam,
viruses and malicious code. Safeguard your business
critical communications. Download a free 30-day trial:
http://www.securityfocus.com/SurfControl-incidents

Next message: Stuart Wallace: "RE: Why alerts on ports 1025-1029, 1036"
Previous message: Dan Hanson: "New Article: U.S. Information Security Law, Part 2"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Apr 01 2003 - 16:21:48 PST