|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: RE: FW: Real Secure Engine with 3 NICs -reply
From: dave druitt (dcdave
worldnet.att.net)Date: Sun Aug 22 1999 - 09:48:37 CDT
- Next message: Daniel B. Garrie: "RE: Napter Traffic Recognition"
- Previous message: Marc Delince: "RE: RealSecure Console traffic to Microsoft-Global-Net"
- In reply to: Gavin_Adamsey.bm: "Re: FW: Real Secure Engine with 3 NICs -reply"
- Next in thread: Al_Weveramway.com: "Re: FW: Real Secure Engine with 3 NICs -reply"
- Reply: dave druitt: "RE: FW: Real Secure Engine with 3 NICs -reply"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
majordomoiss.net Contact issforum-owneriss.net for help with any problems!
----------------------------------------------------------------------------
You can always pick the NIC to monitor, or swap to the other NIC, with the
engine options tab...
Warm Regards,
DC Dave
-----Original Message-----
From: owner-issforumiss.net [mailto:owner-issforumiss.net]On Behalf Of
Gavin_Adamsey.bm
Sent: Friday, February 18, 2000 8:58 AM
To: Lunsford, Scott
Cc: 'issforumiss.net'
Subject: Re: FW: Real Secure Engine with 3 NICs -reply
TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
majordomoiss.net Contact issforum-owneriss.net for help with any
problems!
----------------------------------------------------------------------------
Is this option still available from ISS? I recently spoke with them to
provide configuration details, and they said that multi-NIC configs are no
longer available. Essentially, a seperte $8K engine is required for each
segment to be monitored.
I'd like to investigate a multi-NIC option if it is available. (NT or
Solaris)
"Lunsford, Scott" <SLunsfordverticalone.com> on 16/02/2000 18:08:07
To: "'issforumiss.net'" <issforumiss.net>
cc: (bcc: Gavin Adams/CONSUL/ErnstYoung/BM)
Subject: FW: Real Secure Engine with 3 NICs -reply
TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
majordomoiss.net Contact issforum-owneriss.net for help with any
problems!
---------------------------------------------------------------------------
-
Actually, this is an ideal IDS architecture. We use this configuration to
monitor our external ethernet segments (external being outside the
firewall). We have 2 nics in the RealSecure box. One nic is connected to
the external network strictly listening (stealth mode), the other nic is
connected to our internal network and is used to communicate with the
console. We find this to be ideal.
Scott Lunsford
> -----Original Message-----
> From: Mark.Teicherpredictive.com [mailto:Mark.Teicherpredictive.com]
> Sent: Thursday, February 17, 2000 7:34 AM
> To: Benjamin Mah
> Cc: issforumiss.net
> Subject: Re: Real Secure Engine with 3 NICs -reply
>
>
>
> TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of
> your message to
> majordomoiss.net Contact issforum-owneriss.net for help
> with any problems!
> --------------------------------------------------------------
> --------------
>
> It works, but it is not an ideal IDS architecture. Is there
> a reason why
> you are setting up your IDS system this way??
>
> /m
>
>
>
>
> "Benjamin Mah" <benpt.com.sg>
> Sent by: owner-issforumiss.net
> 02/14/00 04:57 PM
>
>
> To: <issforumiss.net>
> cc:
> Subject: Real Secure Engine with 3 NICs
>
>
>
> I am trying to do an engine with 3 NICs which means there
> will be 2 NICs
> without any IPs and IP forwarding ... the last NIC would
> have an internal
> IP address which reports back to the internal Console... Has
> anyone tried
> this ? Does this work ? Are there any security complication
> if i really
> implement this ?
>
> Thanks
> BenJiZs
>
>
>
>
---------------------------------------------------------------------------
This message is intended only for the use of the individual or entity to
which it is addressed and may contain information which is privileged,
confidential or subject to copyright. Ernst & Young disclaim all
responsibility and accept no liability (including negligence) for the
consequences for any person acting, or refraining from acting, on such
information prior to the receipt by those persons of subsequent written
confirmation. Any unauthorised use, disclosure, distribution or copying of
this communication by anyone other than the intended recipient is strictly
prohibited. When addressed to our clients any opinions or advice contained
in this email are subject to the terms and conditions expressed in the
governing Ernst & Young client engagement contract.
If you have received this message in error, please notify us immediately
by telephone at +1-441-295-7000 and destroy and delete the message
from your computer.
- Next message: Daniel B. Garrie: "RE: Napter Traffic Recognition"
- Previous message: Marc Delince: "RE: RealSecure Console traffic to Microsoft-Global-Net"
- In reply to: Gavin_Adamsey.bm: "Re: FW: Real Secure Engine with 3 NICs -reply"
- Next in thread: Al_Weveramway.com: "Re: FW: Real Secure Engine with 3 NICs -reply"
- Reply: dave druitt: "RE: FW: Real Secure Engine with 3 NICs -reply"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]