Endpoint Protection

 View Only
  • 1.  SEP for Linux - Intrusion Prevention

    Posted Apr 01, 2009 09:39 AM
    I want to install SEP on my Linux machines and am wondering if I can put the Intrusion Prevention feature on there in addition to the anti-virus?


  • 2.  RE: SEP for Linux - Intrusion Prevention

    Posted Apr 01, 2009 09:51 AM



  • 3.  RE: SEP for Linux - Intrusion Prevention

    Posted Apr 01, 2009 09:57 AM
    There is no SEP for Linux
    However you can use SAV for Linux but it's only Antivirus and there is no IP in that (however there are few good Free/OSS for Linux)


  • 4.  RE: SEP for Linux - Intrusion Prevention

    Posted Apr 01, 2009 10:04 AM
    Mainly use CentOS in our environment. Know of a good intrusion prevention solution for that?


  • 5.  RE: SEP for Linux - Intrusion Prevention

    Posted Apr 01, 2009 10:10 AM
    Snort would be the first thing to look


  • 6.  RE: SEP for Linux - Intrusion Prevention

    Posted Apr 01, 2009 10:13 AM
    Thank you. I appreciate it.


  • 7.  RE: SEP for Linux - Intrusion Prevention

    Posted Apr 01, 2009 10:14 AM



  • 8.  RE: SEP for Linux - Intrusion Prevention

    Posted Apr 01, 2009 10:59 AM
    Was thinking, I wonder if Snort will report back to me data about all my Linux machines? My scenario - I have a few Linux machines. I would like to possibly put this product on there and have it report back to some central management console (comparable to the SEP Manager). Do you know if Snort does that? This way I could ensure they are all up-to-date.


  • 9.  RE: SEP for Linux - Intrusion Prevention

    Posted Apr 01, 2009 02:15 PM
     For IPS/IDS, you could try Symantec Critical Systems Protection.  This is typically reserved for servers though.

    SAV for linux is currently an unmanaged node with the ability to be managed a long time away from what I gather.


  • 10.  RE: SEP for Linux - Intrusion Prevention

    Posted Apr 02, 2009 04:58 AM
    I'm not Sort specialist so you will have to refer to documentation or to uncle google ;)