Please check with your Cisco SE or contact Cisco TAC _before_ you attempt to
apply NBAR filtering techniques to your ingress routers. With the volume of
traffic I am seeing at my client sites, NBAR taxes the router cpu's heavily
and will likely result in an unstable router unless you have _serious_
horsepower.

I'm not going to speculate on minimum required horseys for your particular
router because there are too many variables. I will say that one client has
AT&T managed DS3's on 7200's. AT&T refuses to use NBAR to filter for worm
sigs on these routers given current traffic volume. I have escalated this
all the way up to the "product house" manager for the managed service and
they have proven to me beyond reasonable doubt that this will overtax the
router.

I have also spoken to an anonymous source at Cisco who claims that many of
his accounts have tried to use NBAR at the ingress point with varying levels
of success and side effects, but most are deciding it's too unstable.

Your readers would be wise to check with their Cisco contacts first!
...Kevin

============================================================================
Delivery co-sponsored by Trend Micro, Inc.
============================================================================
TREND MICRO SCANMAIL FOR EXCHANGE 2000 -- SECOND to NONE

If you are worried about email viruses, you need Trend Micro ScanMail for
Exchange. ScanMail is the first antivirus solution that seamlessly
integrates with the Microsoft Exchange 2000 virus-scanning API 2.0. ScanMail
ensures 100% inbound and outbound email virus scanning and provides remote
software management. Download a FREE 30-day trial copy of ScanMail and find
out why it is the best:
http://www.antivirus.com/banners/tracking.asp?si=8&BI;=240&UL;=/smex2000
============================================================================

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]