Re: IPS comparison

From: Chuck (chuck.lists@gmail.com)
Date: Wed Jul 27 2005 - 09:33:26 EDT


Since you mentioned PCI compliance, one thing you might not be aware
of is that for your regular PCI vulnerability scans and penetration
tests you will have to disable the IPS (from the scanning systems).
An IPS will not help you in passing the PCI compliance scans.

This is documented in requirement 15 on page 4 of this document:
https://sdp.mastercardintl.com/pdf/pcs_manual.pdf

Is there a specific requirement for you to have an IPS in your system?
 There could be such a requirement for large enough systems that I am
not aware of, so I'd be interested to hear about it.

And, of course, this is not to say that IPSs are useless in a
practical sense. An IPS will provide defense in depth if you
accidentally field a vulnerable system, but it cannot be used as a
substitute for securing the underlying systems.

Chuck

On 7/26/05, Jeffrey Leggett <jleggett@interland.com> wrote:
> Ha... I am in the middle of testing and evaluating IPS solutions for my company, a large Web Hoster for PCI/CISP compliance.



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:38 EDT