Looking for good HIP.

Application security
Current threats
Digital certificates
Disaster Recovery
human factors
Identity & Access Management
Incident response
Instant Messaging
Intrusion management
Microsoft Exchange
Network security
Risk management
Secure Coding
Security Program Management
Security tokens
Single sign-on
Hi, I am looking for a good Host-based Intrusion Prevention System to be implemented on Intel Servers in my Company. Is there anything you would recommend...?

Answer Wiki

Thanks. We'll let you know when a new response is added.

You could try bluebox or Third Brigade, these are the best I have seen.

Discuss This Question: 9  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Layer9
    Sure, We sell very good HIDS product called BLINK, by eEye Digital Security. As HIDS go it's cost effective and very simple to implement. Chris Weber Layer9corp.com
    0 pointsBadges:
  • Mazzie
    Hi, McAfee Entercept is the one i'd recommend. Ray
    0 pointsBadges:
  • Whitecap
    The previous answers are all sound. However, it also depends on whether you want to spend any money or not and what OS you are using. If you are using Win2K3SP1 then running the advance security configuration Wizard and enabling the firewall does quite a sound job of locking the server down (plus of course keeping up to date with your patches) at no cost. If you have a budget and/or a mixed Wintel environment then Cisco, CA and Entrust all supply very effective products.
    0 pointsBadges:
  • Marcjacquard
    I had to do "due dilligence" on this subject a few years ago for a large financial corporation. McAfee Entercept won hands down. It is by far the best product on the market. So far, in all testing, it is the only one that did not let exploits in on unpatched machines. If you decide to bench the products, the top three are ISS, McAfee and Cisco CSA. See if you can get a copy of Core Impact and then test each agent to see if you can get into the box. McAfee actually uses Core to demonstrate their product.
    0 pointsBadges:
  • Klyph100
    We have been looking at this for an alternative www.lightspeedsystems.com let me know what you think Klyph
    0 pointsBadges:
  • Gforce11
    DISCLAIMER: I may be straddling the fence between selling and disseminating new information here. We will soon be selling a new technology that incorporates the next generation of intrusion counter measures, which we have coined IQS, for Intrusion Quashing System. I suppose it could stand for a more intelligent approach to security, since unauthorized access attempts just fall off the system as non-events.(no packet inspections, behavioral analysis, signatures or false positives) This is a comprehensive security solution, more than just a HIP solution, which provides end-to-end security including protection against internal intrusion by providing a trusted operating environment. Like HIPS, it is a commercial product, but with greater ROI. Happy to chat about it with anyone interested, for future reference.
    0 pointsBadges:
  • Gregb2468
    We use Cisco IDS boxes. They are also fairly straightforward to implement and do a great job. We ran an intrusion/penetration test just last month and they did the job.
    0 pointsBadges:
  • Footerest
    We have been using ISS Server Sensor for 3-4 years now. We are curently using 7.0 on 210 servers. I highly recommend it especially the SiteProtector console functionality.
    5 pointsBadges:
  • JakubK
    Thanks guys. Some tools you mentioned here look very promising. Thanks again. Jakub.
    0 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: