IDS mailing list archives

Previous By Date Next
Previous By Thread Next

RE: High Performance IDS's

From: "Vigilant Labs" <labs () thevigilant com>
Date: Wed, 7 Jan 2004 16:53:30 -0500
I ACK what Ron says about NAI in IDS mode (opposed to inline IPS mode) 

I can also vouch for Sourcefire's optimized Snort appliance simply
because we have one in our lab. 

If detection accuracy under load is what your looking for check out the
OSEC results at http://osec.neohapsis.com/results/?TP/1.1

Take Care,

Joseph C. Magee
Chief Technology Officer
Vigilant, LLC.
Phone: 617.921.8671
Fax:   877.577.6718
E-mail: jmagee|at|thevigilant.com
http://www.thevigilant.com
PGP FP: 22A2 906C 1FA3 0A28 8471 20C0 B9AD A7A0 8671 5F14


-----Original Message-----
From: Ron Gula [mailto:rgula () tenablesecurity com] 
Sent: Wednesday, January 07, 2004 3:09 PM
To: focus-ids () securityfocus com
Subject: Re: High Performance IDS's


At 07:06 PM 1/7/2004 +0000, Richard Worwood wrote:

I was wondering if anyone had any recommendation for GigE capable 
systems?


For full 1Gb, you should be looking at NetScreen or NAI. If 
you are in the 100-300 Mb range, most modern NIDS function in 
that category.

Ron Gula, CTO
Tenable Network Security 


--------------------------------------------------------------
-------------
--------------------------------------------------------------
-------------




---------------------------------------------------------------------------
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: