Checkpoint IPS

• Previous message (by thread): Checkpoint IPS
• Next message (by thread): Checkpoint IPS
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 05 Feb 2015 09:31:49 -0500, Terry Baranski said:

> People tend to hear what they want to hear. Surely your claim can't be that
> an IPS has never, in the history of Earth, prevented an attack or exploit.
> So it's unclear to me what you're actually trying to say here.

Count up the number of *actual* attacks they have stopped that wouldn't
have been stopped otherwise, and contrast it to the number of times they've
been used as the *basis* for an attack (DDoS via state exhaustion, for starters)
or their failure has caused operational issues.  Remember that one of the
three security pillars is "Availability".

Still think they're a good idea?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 848 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20150205/8efd1847/attachment.sig>

• Previous message (by thread): Checkpoint IPS
• Next message (by thread): Checkpoint IPS
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]