HPE Community
Operating System - HP-UX
1832285 Members
3013 Online
110041 Solutions
New Discussion

Re: How do you use IDS/9000?

 
SOLVED
Go to solution
Dave van Nierop
Advisor

‎07-16-2003 05:52 AM

‎07-16-2003 05:52 AM

How do you use IDS/9000?

Hello everybody,

First, my apologies since I realise that this is not a FAQ but a forum. Anyway, I am considering implementing an IDS/9000 and IPFilter, bastille configuration on our HP-UX 11.i servers but really wanted to know if there are any likes / dislikes to IDS/9000 itself ie. is it worth the effort and how does it perform as a host intrusion detection system.

I am sure there are some caveats that you won't find in reference materials anywhere, but it is my belief that you will come across likes/dislikes when you implement a product on different systems and different configurations. My application is limited to 2 servers with exactly the same configurations.

Your insight and/or comments much appreciated in advance.

Thanks a ton - Dave
0 Kudos
Reply
3 REPLIES 3
Steven E. Protter
Exalted Contributor

‎07-16-2003 05:58 AM

‎07-16-2003 05:58 AM

Solution

Re: How do you use IDS/9000?

http://docs.hp.com/cgi-bin/fsearch/framedisplay?top=/hpux/onlinedocs/5187-0701/5187-0701_top.html&con=/hpux/onlinedocs/5187-0701/00/00/83-con.html&toc=/hpux/onlinedocs/5187-0701/00/00/83-toc.html&searchterms=IDS/9000&queryid=20030716-075619

I love the product. Its got a GUI front end, is realatively easy to configure and can detect all kinds of instrusion attempts.

On the downside, if you turn on all the features it will totally dominate a CPU/machine.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Justin Willoughby
Regular Advisor

‎08-01-2003 05:40 AM

‎08-01-2003 05:40 AM

Re: How do you use IDS/9000?

I want to implement IDS/9000 also but have been slowed down by all the patches and java that is required to use it.

It would be nice if all the patches and java were bundled together to make my life easier.

Oh well,

- Justin
0 Kudos
Reply
Rainer von Bongartz
Honored Contributor

‎08-01-2003 05:51 AM

‎08-01-2003 05:51 AM

Re: How do you use IDS/9000?

IDS/900 is quite good stuff.

Easy to configure as it comes with pre defined schedules.
Do not install server and agent on the same box and hopefully your boxes run 11.11. Otherwise you will have to struggle with the above mentioned patches.

Regards
Rainer
He's a real UNIX Man, sitting in his UNIX LAN making all his UNIX plans for nobody ...
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.