As part of the FAA's Intrusion Quarantine project [2], MITRE's Center for Advanced Aviation System Development conducted an evaluation of two products.
Evaluations of Host-Based Intrusion Prevention Systems (HIPS): Sana's Primary Response and Cisco's Cisco Security Agent
Download Resources
PDF Accessibility
One or more of the PDF files on this page fall under E202.2 Legacy Exceptions and may not be completely accessible. You may request an accessible version of a PDF using the form on the Contact Us page.
As part of the Federal Aviation Administration's (FAA's) "Intrusion Quarantine" project [2]. The MITRE Corporation's Center for Advanced Aviation System Development (CAASD) conducted an evaluation of two products, Sana's Primary Response and Cisco's Cisco Security Agent (CSA) [3]. These two products were selected as examples of Host-based Intrusion Prevention System (HIPS) [4] technology that showed promise of meeting the Intrusion Quarantine project goals. It is important to note that the purpose of the evaluation was not to test these specific products against a well defined set of customer requirements, nor to make purchasing recommendations regarding these specific products. Rather, the intent was to use MITRE's evaluation of these products to understand the current state of technology at the time (spring of 2004). It is important to note that products in this category should be expected to evolve rapidly; organizations considering investing in these products may wish to contact the vendors or conduct their own testing to determine whether issues identified in this paper have been addressed or significant new functionality has been added.