Evaluations of Host-Based Intrusion Prevention Systems (HIPS): Sana's Primary Response and Cisco's Cisco Security Agent1
June 2005
Dr. Edwin R. Coover, The MITRE Corporation
Duncan Thomson, The MITRE Corporation
ABSTRACT
As part of the Federal Aviation Administration's (FAA's) "Intrusion Quarantine" project,2 The
MITRE Corporation's Center for Advanced Aviation System Development (CAASD) conducted
an evaluation of two products, Sana's Primary Response and Cisco's Cisco Security Agent
(CSA).3 These two products were selected as examples of Host-based Intrusion Prevention
System (HIPS)4 technology that showed promise of meeting the Intrusion Quarantine project
goals. It is important to note that the purpose of the evaluation was not to test these specific
products against a well defined set of customer requirements, nor to make purchasing
recommendations regarding these specific products. Rather, the intent was to use MITRE's
evaluation of these products to understand the current state of technology at the time (spring of
2004). It is important to note that products in this category should be expected to evolve rapidly;
organizations considering investing in these products may wish to contact the vendors or conduct
their own testing to determine whether issues identified in this paper have been addressed or
significant new functionality has been added.
» Download Paper [PDF, 299KB]
Additional Search Keywords
N/A
|
