[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Checkpoint IPS
- Subject: Checkpoint IPS
- From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
- Date: Thu, 05 Feb 2015 11:46:55 -0500
- In-reply-to: Your message of "Thu, 05 Feb 2015 09:31:49 -0500." <CACAVgUy0Q8_wHcmez2FHg0sVJUynGJ_P85AoRkn=UJ73aprcEQ@mail.gmail.com>
- References: <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <CACAVgUy0Q8_wHcmez2FHg0sVJUynGJ_P85AoRkn=UJ73aprcEQ@mail.gmail.com>
On Thu, 05 Feb 2015 09:31:49 -0500, Terry Baranski said:
> People tend to hear what they want to hear. Surely your claim can't be that
> an IPS has never, in the history of Earth, prevented an attack or exploit.
> So it's unclear to me what you're actually trying to say here.
Count up the number of *actual* attacks they have stopped that wouldn't
have been stopped otherwise, and contrast it to the number of times they've
been used as the *basis* for an attack (DDoS via state exhaustion, for starters)
or their failure has caused operational issues. Remember that one of the
three security pillars is "Availability".
Still think they're a good idea?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 848 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20150205/8efd1847/attachment.pgp>
- Follow-Ups:
- Checkpoint IPS
- From: terry.baranski.list at gmail.com (Terry Baranski)