02-08-2008 07:13 AM - edited 03-09-2019 08:04 PM
Can anyone clearly differenciate between the MARS & IPS?
02-08-2008 10:20 AM
MARS is a centralized logging device with additional functionality. IPS is an intrusion detection/prevention appliance.
is that enough, or were you hoping for more insight?
02-08-2008 11:12 PM
Mars is a correlation engine. i.e it takes logs from all devices in the network like routers,switches,IPS,application servers,firewalls etc. After taking the logs, it correlates the events and creates an incident out of those events. In Mars you also can see the actual path of the attack and you can mitigate the attack by sending Mars recommended conifguration to the devices.
HTH
zubair
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide