IDS mailing list archives

IDS in a loadbalanced Network

From: "Scholten, Jan" <jan.scholten () siemens com>
Date: Thu, 7 Sep 2006 12:26:48 +0200

Hi!

While searching for a matching IDS I encountered some problems.

Having a network structure with lots of seperate Vlans and/or DMZs
networks, i am wondering what is the best way to place an IDS in a
redundant L3Switch/router (C6506/7300) with HSRP and PortChannel
Loadbalancing for Vlans. 
Is there a bestpractice how to place an ids in a vlan, using a span port
on each of the devices (running in active/active), or is there a better
solution?

Regards from Germany
Jan Scholten 


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------

Current thread:

IDS in a loadbalanced Network Scholten, Jan (Sep 07)
- <Possible follow-ups>
- RE: IDS in a loadbalanced Network Palmer, Paul (ISSAtlanta) (Sep 08)
  - Re: IDS in a loadbalanced Network Adam Powers (Sep 08)
- RE: IDS in a loadbalanced Network Scholten, Jan (Sep 08)