you can always go the no/low cost securityonion route for your IDS monitoring.

When just talking about standard default rules I think is where having mutiple IDS devices working together becomes valuable. High level example being maybe you run Cisco IDS/IPS along with something like SecurityOnion on the same network segment to get potentially differing views/alerts of traffic going through to compare against each other.

there's too much grey area in what you're asking. The person tuning the IDS/IPS is the one that will catch potentially malicious traffic using a variety of resources including the IDS. You can't rely on any one tool to do the work. Can you tune the device and write custom signatures to help aid in the work and narrow it down to what you want? of course but ultimately the staff is the focus not a specific device.

It is only that: a tool. By itself without staff who can interpret, other security controls, etc.... it probably would be a paperweight.

I believe a properly configured and maintained IDS used along with other aids adds value to a security program. Ultimately any additional alerts, data, insight, etc... I can get I will be more than happy to take.

while certainly pricey. those new retina displays are something to behold. i currently am using an early 2011 i7 macbook pro and have upped the ram to 16 gigs and couldn't be happier.

yes my nick on there is nconco

nice find! thanks for the share.

this is a fantastic prize. i'm going to be very very jealous to whomever gets this.

i have some free time in life again and i bought another block of lab time. about halfway through my 30 days now and i definitely agree that taking some time between my first go through of the labs and this time has helped me focus and be a lot more successful.

if you want to chat more let me know i'm always lurking in the irc channel and on here.

since this is the ethical hacker network and all.... this seems like the wrong place to be asking about sharing a subscription/login that is very clearly marked as being for only one person on the hackin9 site.

 

SRX100 is the cheapest you can pick up new they sit around 600 or 700 bucks.

i meant more for you to buy the "kit" piece by piece and stay away from the bundled packages as they are always overpriced and usually has extremely ancient hardware. you'll also learn way more by having to research images, hardware, memory, etc....

GNS3 is an excellent option if it will suit your needs. if you really want a full hands on lab going through one of these companies is definitely the "easy way" but if you go the ebay route you will save yourself a TON of money. and i mean a TON of money.

status update: one month down

i figure i would jump back in and give an update on the progress and my thoughts so far. one month down and i've been pretty good with sticking to my goal of at least an hour in the lab per day and studying the materials for a good amount of time each day i'm at work.

i have a month left in the labs and as others have said previously i would highly recommend anyone jumping in to get at minimum 60 days unless you have a good amount of pen testing experience and/or lots of free time to dedicate to the labs. more than likely i will be extending my lab time by another 30 days just to ensure i have plenty of time to dig in as deep as i possibly can. having a decent level of networking/sys admin skills and minimal security experience prior to signing up i must say i have surprised myself at how far i have come in the training and how much progress i have made in the labs. i can directly attribute my success so far to the quality of the training materials and how the training is structured. i am looking forward to the next 30 days plus and finally coming out this certification attempt alive 

Hello! Welcome!