Syngress Book Examines IPSes

 
 
By Cameron Sturdevant  |  Posted 2005-04-18 Print this article Print
 
 
 
 
 
 
 

Syngress Publishing's "Intrusion Prevention and Active Response: Deploying Network and Host IPS" is well worth reading for its insight into open-source intrusion prevention systems at the network and host levels.

Syngress Publishings "Intrusion Prevention and Active Response: Deploying Network and Host IPS" is well worth reading for its insight into open-source intrusion prevention systems at the network and host levels.

The authors liberally sprinkle the book with examples of open-source IPS implementations to show how network managers can protect legacy systems that cannot be patched. In fact, the premise of the book seems to be that IPSes should be used only when other protective systems cannot.

This has been borne out in my IPS testing. Commercial IPSes are expensive, finicky to set up, require frequent maintenance and are still regularly subject to false-positive reactions.

Although the 416-page book has considerable technical merit, it is filled with grammatical mistakes that often forced me to reread entire sections to see if what was written was really what the authors meant to say.

"Intrusion Prevention and Active Response: Deploying Network and Host IPS," by Michael Rash, Angela Orebaugh, Graham Clark, Becky Pinkard and Jake Babbin, costs $49.95 and is available at www.syngress.com.

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
 
 
 
 
Cameron Sturdevant Cameron Sturdevant is the executive editor of Enterprise Networking Planet. Prior to ENP, Cameron was technical analyst at PCWeek Labs, starting in 1997. Cameron finished up as the eWEEK Labs Technical Director in 2012. Before his extensive labs tenure Cameron paid his IT dues working in technical support and sales engineering at a software publishing firm . Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his analysis is grounded in real-world concern. Follow Cameron on Twitter at csturdevant, or reach him by email at cameron.sturdevant@quinstreet.com.
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel