|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: IDS: Gigabit IDS
From: Brian Koref (briank
conxion.net)Date: Fri Jul 07 2000 - 12:30:07 CDT
- Next message: Jackie Chan: "Re: IDS: Gigabit IDS"
- Previous message: Jeffrey Dell: "IDS: Gigabit IDS"
- In reply to: Jeffrey Dell: "IDS: Gigabit IDS"
- Next in thread: Jackie Chan: "Re: IDS: Gigabit IDS"
- Reply: Brian Koref: "Re: IDS: Gigabit IDS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Archive: http://msgs.securepoint.com/ids
FAQ: http://www.ticm.com/kb/faq/idsfaq.html
IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems... email questions to ids-owneruow.edu.au
NOTE: Remove this section from reply msgs otherwise the msg will bounce.
SPAM: DO NOT send unsolicted mail to this list.
UNSUBSCRIBE: email "unsubscribe ids" to majordomouow.edu.au
-----------------------------------------------------------------------------
I don't know of a product which can do IDS at Gigabit speeds
without dropping packets. I've done some testing with ISS
Realsecure and started dropping packets at about 15Mbps. Of
course I was only using a Sparc Ultra 5. ISS claims that they have
visibility into higher bandwidths with more robust hardware
configurations. Dragon can apparantly handle higher bandwidths,
although I'm not sure of the numbers. I conducted an interesting
test utilizing the TopLayer App switch with ISS RealSecure net
engines and was able see more traffic. So, there is a possibility of
being able to do IDS in a gigabit environment, however you'll need
to balance traffic using some sort of Application Switch. -BK
On 7 Jul 2000, at 8:07, Jeffrey Dell wrote:
> Archive: http://msgs.securepoint.com/ids
> FAQ: http://www.ticm.com/kb/faq/idsfaq.html
> IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
> HELP: Having problems... email questions to ids-owneruow.edu.au
> NOTE: Remove this section from reply msgs otherwise the msg will bounce.
> SPAM: DO NOT send unsolicted mail to this list.
> UNSUBSCRIBE: email "unsubscribe ids" to majordomouow.edu.au
> -----------------------------------------------------------------------------
>
> I know there are many good IDS products out there, but we are in need of a
> solution that can handle gigabit speeds. Are there any products out there
> that can truly handle these high speeds without dropping packets? Has anyone
> used products such as Kane as an IDS solution on gigabit routers/firewalls?
> Thanks in advance,
>
> Jeff
>
- Next message: Jackie Chan: "Re: IDS: Gigabit IDS"
- Previous message: Jeffrey Dell: "IDS: Gigabit IDS"
- In reply to: Jeffrey Dell: "IDS: Gigabit IDS"
- Next in thread: Jackie Chan: "Re: IDS: Gigabit IDS"
- Reply: Brian Koref: "Re: IDS: Gigabit IDS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]