Firewall Wizards mailing list archives

Re: future of IDS


From: Dex Wycoff <dex () yahoo com>
Date: Fri, 16 Oct 1998 21:13:52 -0700 (PDT)


With the likelihood that more and more hubs
are going to disappear and be replaced by
switches, where does that leave the humble
IDS that can no longer see all the traffic
it needs to, to do its job?

The IDS folks have been aware of this
pending problem for a while. The basic
approaches are (1) use an explicit tap
on the switch, (2) build the IDS into
the switch (or get the switch to cooperate
with the IDS), (3) get the end hosts to
chip in and function as IDS sensors.

              Vern


  Luckily, IDS does not have a steadfast
definition that can be cornered by this
problem. The current market of N-IDS
(Network) products are affected by this
problem but as Mr. Paxson outlines in #3,
smart nodes are a solution. Most big name
N-IDS products are just security aware
sniffers and will thus have to piggy back
on the switch.
   The question that I keep running around
is the viability of smart nodes. From what
I understand, users of the @Home service
are given a cable box which provides
connectivity and security. If the user so
chooses, the security restrictions
enforced on the box can be changed securely
and with ease. The "it will never work
because ... " arguments seem big but I
just can't help looking at the blue sky.



