Re: Considering nSight, any thoughts? (Final comment)

[Steven Rakick <stevenrakick () yahoo com>]

Due to the number of emails I received off the list
from students, I wanted to point something out.

Intrusense sent out an email notice yesterday evening
regarding the release of nSight 2.0. It appears
they've adopted a new licensing model. Not only is
their license no longer bound to a specific URL, but
also they're offering free licenses for personal,
educuational and otherwise non-commercial end users.

I thought that was pretty cool.


Steve


--- Jeff Boston <nospam () techemail com> wrote:


---------------------------------

Hi. Sorry for the delay in my response.

Jason/Steven, I'd highly recommend this or other
products like it. It's quite affordable and very easy
to get running (although they need to create more
documentation).

We've been using the new version of nSight for
approximately 2 months now and it's been quite useful
and more so by the day. I'm learning that the more
network information nSight collects, the more valuable
it becomes. 

It's helped us identify the cause of several
intermittent problems we've had for at least a year
now because we were able to go back and look
specifically at the point in time where the problem
occured (2 times in 2 months). The problem was
knocking off users from a few servers in our DMZ so
we're happy it's been resolved. We also had a couple
users who were doing a ton of pirated software
uploads/downloads. We idenitified then within 30
minutes of installing nSight.

That's about it. Email me off the list if you have any
questions.

J.

Author: Steven Rakick
Date:  2005-07-30 14:302005-07-30 18:30  -400UTC
To: Jason Heschel, security-basics
Subject: Re: Considering nSight, any thoughts?

Jason, I did respond, but to another list. Here's my
post just in case...

-
Jason,

Been running nSight for a little over a year now with
data purge after 13 months. We have 3 agents at remote
offices with each inspecting the traffic of around
700-900 hosts. It's been quite helpful. We *had* a ton
of P2P traffic in our networks.

When we started out last year, we tried to host all 3
agents on a low end HP blade (with a laptop hd). After
about 2 months it became very slow (mostly due to disk
IO). We upgraded to a faster blade with fast SCSI disk
and it's been flying along ever since.

Also, according to another poster (Darrin Maidlow) on
Full Disclosure, there is a beta program in place
right now for nSight 2.0 at
http://www.intrusense.com/products/beta. I'm not sure
if you're evaluating 2.0 or 1.x.

Steve

--- Jason Heschel <jason.heschel () gmail com> wrote:

> Hello list,
>
> We've spent the last few weeks evaluating nSight (a
> network analysis
> package from Intrusense) and are now considering
> making a purchase.
>
> I'm curious to hear any opinions, problems or praise
> people have for
> this software. Does it scale well? How does it
> perform after
> collecting several months worth of data?
>
> -jason


 

---------------------------------
Are you a Techie? Get Your Free Tech Email Address
Now! Visit http://www.TechEmail.com




        
                
______________________________________________________
Click here to donate to the Hurricane Katrina relief effort.
http://store.yahoo.com/redcross-donate3/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/