IDS mailing list archives
Re: Gig TAPs
From: "Talisker" <talisker () networkintrusion co uk>
Date: Mon, 3 Feb 2003 19:41:26 -0000
Suffice it to say, however, that a tap is a tap is a tap, as far as I've
been able to tell. If only it were that simple, when they are tested they need to be able to cope with a variety of traffic, as Rob Shein eluded to in a previous post ".... Did they demonstrate it on a network using really large packets, with all traffic of equal packet size and zero fragmentation? Or was it on a real network..... " How does the tap deal with full duplex, does it rely on you coping with it by providing 2 outputs or does it do it internally on the proviso that once the network reaches it's capacity ie 100Mb/s in either one direction or 50Mb/s in both directions it drops packets. Is there a fail safe, and almost as importantly does the fail safe kick in instantly. Then there are the minor issues, how sturdy are they, we had to return one (nameless) because the power connector was loose, losing sensor data everytime we went in the rack. Overheating, the aircon failed, the servers all managed no problem but the tap died first taking with it the failsafe and therefore the network connection. Finally and fairly important for me, can I visibly demonstrate to network owners that there is no transmit and therefore that I am not introducing a firewall bypass. One of the best I've seen was a hotch potch of fiber/ethernet media converters (3) cobbled together, worked fine but proved expensive and a nightmare finding sufficient power outlets. Most important of all though is how bright the little LEDs can flash and how many colors ;o) take care -andy Taliskers Network Security Tools http://www.networkintrusion.co.uk ----- Original Message ----- From: "Peter Schawacker" <pschawacker () nfr com> To: "'Bawcom, Aaron'" <aaron_bawcom () intrusion com>; "'Garritano,Robert'" <Robert.Garritano () cna com>; "'Talisker'" <talisker () networkintrusion co uk> Cc: <focus-ids () securityfocus com> Sent: Monday, February 03, 2003 6:13 PM Subject: RE: Gig TAPs -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 My apologies. I got Intrusion's tap's mixed up with another Netoptics OEM deal. Suffice it to say, however, that a tap is a tap is a tap, as far as I've been able to tell. Sorry, Aaron. Didn't mean to cast aspersions on Intrusion. The company has some good products and terrific staff (I used to work there :-)). Mea culpa. Peter - -----Original Message----- From: Bawcom, Aaron [mailto:aaron_bawcom () intrusion com] Sent: Monday, February 03, 2003 10:08 AM To: 'Peter Schawacker'; 'Garritano,Robert' Cc: 'Talisker'; focus-ids () securityfocus com Subject: RE: Gig TAPs Not pointing the finger but just clarifying any ambiguity: "Netoptics is actually the manufacturer of Intrusion's taps" -- False. I work at Intrusion and unless Netoptics 1) got the board schematics 2) are manufacturing them for free 3) breaking into our inventory and putting them in our boxes, then Netoptics has no tie to the Intrusion taps. The Intrusion SecureNet IDS Taps were specifically engineered for IDS applications. More info can be found here (in addition to the URL below): https://www.intrusion.com/products/downloads/TapPO_1102.pdf - -----Original Message----- From: Peter Schawacker [mailto:pschawacker () nfr com] Sent: Friday, January 31, 2003 1:08 PM To: 'Garritano,Robert' Cc: 'Talisker'; focus-ids () securityfocus com Subject: RE: Gig TAPs - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Netoptics is actually the manufacturer of Intrusion's taps. I think I heard that Netoptics makes taps for Finisar (formerly Shomiti) as well. If all taps are made by one company, then it's all about price and support. http://www.netoptics.com/ http://www.finisar.com/product/product.start.php http://www.intrusion.com/products/product.asp?lngProdNmId=39&lngCatId=4 I've seen taps used in dozens of deployments. Never have I had problems with them. Peter Schawacker, CISSP Senior Systems Engineer NFR Security 43300 Warner Trail Palm Desert, CA 92211 Office: 760-200-4258 Mobile: 760-221-2404 - - -----Original Message----- From: Talisker [mailto:talisker () networkintrusion co uk] Sent: Thursday, January 30, 2003 12:28 PM To: Garritano,Robert; focus-ids () securityfocus com Subject: Re: Gig TAPs Robert
Has anyone used gigabit TAPs in their network? I currently use Finisar ehternet TAPs, but are looking for cost, model, etc for gig E TAPs.
I recently saw Intrusion Inc's Gigabit TAP demonstrated and it did the business pretty well - - -andy Taliskers Network Security Tools http://www.networkintrusion.co.uk - - ----- Original Message ----- From: "Garritano,Robert" <Robert.Garritano () cna com> To: <focus-ids () securityfocus com> Sent: Wednesday, January 29, 2003 5:38 PM Subject: Gig TAPs
Has anyone used gigabit TAPs in their network? I currently use Finisar ehternet TAPs, but are looking for cost, model, etc for gig E TAPs. Thx
****************************************************************************
This email is confidential and intended only for the stated addressee(s).
If
you receive this in error, please inform us immediately and delete it and all copies from your system. Any unauthorized disclosure, use, or dissemination, either whole or partial, is prohibited. Any views or
opinions
contained in this email are those of the author and are not necessarily endorsed by CNA, and the company cannot be held responsible for any
misuse.
This email and its attachments are believed to be free of any virus, or defect, but it is the responsibility of the recipient to ensure this. CNA does not accept responsibility or liability for any loss or damage arising in any way from its receipt or use or for any errors or omissions in its contents which may arise as a result of its transmission. This email is covered by CNA's Terms and Conditions of Business, a copy of which can be viewed on our website, or on request.
****************************************************************************
- -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 iQA/AwUBPjrJfvZ0MWG5/LasEQJxJgCg8yWnlkIAbY5xlsLoFUZeRjOT7rcAoOoA HQFcWZu84HmEshMWbKCHzCps =gNyL - -----END PGP SIGNATURE----- -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 iQA/AwUBPj6xZvZ0MWG5/LasEQIFcACgsfWaOjsf6XRvi8MfB2kwLw0BzLgAoJpN aayIxBcCzqhEa4bXyRkMr086 =8x2p -----END PGP SIGNATURE-----
Current thread:
- RE: Gig TAPs Bawcom, Aaron (Feb 05)
- RE: Gig TAPs Peter Schawacker (Feb 05)
- Re: Gig TAPs Talisker (Feb 05)
- <Possible follow-ups>
- Re: Gig TAPs Aaron Turner (Feb 05)
- RE: Gig TAPs Peter Schawacker (Feb 05)
- Re: Gig TAPs Talisker (Feb 03)
- Re: Gig TAPs Bennett Todd (Feb 05)
- RE: Gig TAPs Peter Schawacker (Feb 05)