brian.eckertATTWS.COM

• Next message: Drew Simonis: "Re: IDS on switch with multiple VLANs"
• Previous message: Ron Gula: "Re: host ids service"
• Maybe in reply to: Michael Young: "IDS on switch with multiple VLANs"
• Next in thread: Maddy: "Re: IDS on switch with multiple VLANs"
• Next in thread: North, Jason: "Re: IDS on switch with multiple VLANs"
• Maybe reply: Eckert, Brian: "Re: IDS on switch with multiple VLANs"
• Reply: Maddy: "Re: IDS on switch with multiple VLANs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

You might want to look into Ethernet Taps. eTaps cost from $400 to $600
each.

thx...b

Brian W. Eckert
AT&T Wireless Services
NDCO Security Project Manager
(o)214.547.2191
(c)214.213.8981
(f)214.547.2290
brian.eckertattws.com

-----Original Message-----
From: Michael Young [mailto:mikeutopia2.com]
Sent: Wednesday, November 01, 2000 6:14 PM
To: FOCUS-IDSSECURITYFOCUS.COM
Subject: IDS on switch with multiple VLANs

I'm currently faced with the problem of implementing an IDS in an
environment where multiple VLANs from different subnets exist on a single
switch. Spanning port technology won't help, as you can only have 1
spanning port per switch, so only one VLAN gets the IDS. I've considered
agent-based network IDS, but wonder if the cost per host becomes
prohibitive at around 17,000 machines.

Is there a simple solution I'm missing?

• Next message: Drew Simonis: "Re: IDS on switch with multiple VLANs"
• Previous message: Ron Gula: "Re: host ids service"
• Maybe in reply to: Michael Young: "IDS on switch with multiple VLANs"
• Next in thread: Maddy: "Re: IDS on switch with multiple VLANs"
• Next in thread: North, Jason: "Re: IDS on switch with multiple VLANs"
• Maybe reply: Eckert, Brian: "Re: IDS on switch with multiple VLANs"
• Reply: Maddy: "Re: IDS on switch with multiple VLANs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]