Checkpoint IPS

Michael Hallgren m.hallgren at free.fr
Thu Feb 5 14:11:52 UTC 2015


On 05/02/2015 14:28, Terry Baranski wrote:
> On 5 Feb 2015, at 08:13, Michael Hallgren wrote:
>> Sure they will give you pretty graphs of script-kiddie attempts but 
>> that's just the noise in which the skilled attack will get lost.

No, Terry, I didn't write that! :-)

Cheers,
mh

> Sorry but this is not even in the neighborhood of what a
> properly-implemented IPS does. 
>
> I can certainly see why you think they're worthless though. :-)
>
> -Terry
>
> -----Original Message-----
> From: NANOG [mailto:nanog-bounces at nanog.org] On Behalf Of Michael O Holstein
> Sent: Thursday, February 05, 2015 8:13 AM
> To: nanog at nanog.org
> Subject: Re: Checkpoint IPS
>
>
>>> `` 'IPS' devices require artificially-engineered topological symmetry-
>>> can have a negative impact on resiliency via path diversity.''
>> Dang, I thought this quote was from an April 1st RFC when I first read it.
>>
>> I hate to be the bearer of bad news, but everything we do is "artificial".
>> There are no routers in nature, no IP packets, no fiber optics. There is no
>> such thing as "natural engineering" -- engineering is "artificial" by
>> definition.
> You're forgetting that such things are rarely read (in time) by the people
> that actually implement and use such a product .. that language is targeted
> at the pointy-haired crowd.
> Salespeople *hate* it when they get a technical resource instead of a
> management one because "it's magic, it's artificial intelligence, etc." just
> doesn't fly with us.
>
> Personally I'm of the belief that *all* IPS systems are equally worthless,
> unless the goal is to just check a box on a form. Sure they will give you
> pretty graphs of script-kiddie attempts but that's just the noise in which
> the skilled attack will get lost. You have to do everything else right, you
> can't just plug the "magic box" inline and expect to relax.
>
> My 0.02.
>
> Michael Holstein
> Cleveland State University
>



