OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
IDS Archives: RE: IDS: RE: IDS taps in a switched network (The

RE: IDS: RE: IDS taps in a switched network (The right tools for the job)

Trevor Schroeder (tschroedacm.org)
Sun, 31 Oct 1999 21:19:09 -0600 (CST)

FAQ: See http://www.ticm.com/kb/faq/idsfaq.html
IDS: See http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems... email questions to ids-owneruow.edu.au
NOTE: Remove this section from reply msgs otherwise the msg will bounce.
SPAM: DO NOT send unsolicted mail to this list.
USUBSCRIBE: email "unsubscribe ids" to majordomouow.edu.au
--------------------------------------------------------------------------- 

---
On Sun, 31 Oct 1999, Ron Gula wrote:

> - As far as building IDS right into the switch, I'm all for it, but I think
>   it is a radical departure for switch manufacturers. Consider Cisco's 
>   attempts to put IDS onto a router card. I have not used this product, but
>   the word is it that it detects <50 attacks. 

I'm not so sure that it's such a radical departure.  Switch mfgrs and
consumers are starting to find that the best place to put some stuff is
right in the switch.

Take a look at layer 4-7 switches.  The concept is not all that different
from in-switch IDS and the performance can be quite good.  Of course, you
pay a premium for a switch with that much smarts...
..........................................................................
: "I knew it was going to cost me my head and also my swivel chair, but  :
: I thought: What the hell--better men than I have risked their heads    :
: and their swivel chairs for truth and justice." -- James P. Cannon     :
:........... http://www.zweknu.org/ for PGP key and more ................:

This archive was generated by hypermail 2.0b3 on Mon Nov 01 1999 - 11:42:05 CST