nanog mailing list archives
Re: Network monitoring/IDS rant - What's hot what's not?
From: "Christopher L. Morrow" <chris () UU NET>
Date: Wed, 26 Feb 2003 07:07:24 +0000 (GMT)
On Tue, 25 Feb 2003, Christopher J. Wolff wrote:
Tivoli, Openview, Unicenter, ipmonitor, mrtg, nagios? There are many network monitoring options but each option has its pitfalls. I'm rapidly coming to the conclusion that any software Computer Associates publishes is designed for the criminally insane. However, there 'has' to be something that offers more visibility into a major WAN than MRTG/RRDTOOL.
CA-Unicenter/OVW/Tivoli are not IDS systems... (traditionally) but they can normally monitor the heck out of 'decent' sized networks (less than 500 components was my last experience with OVW atleast, tivoli and CA we never got working correctly with less than 1 metric butt ton of LOE to keep it running)
Perhaps I'm on a Computer Associates rant today but can anyone share any positive experiences with E-trust intrusion detection? 5 MB of traffic flow paralyzes a dual P3 with gobs of ram and it still misses signatures that Snort does not miss. Originally I was going to blame this lousy
So, lemme understand here... Snort works and you are switching why??
performance on application tuning; however, it was a CA engineer that set this box up. Any IDS suggestions would be greatly appreciated as well. Regards, Christopher J. Wolff, VP CIO Broadband Laboratories, Inc. http://www.bblabs.com
Current thread:
- Network monitoring/IDS rant - What's hot what's not? Christopher J. Wolff (Feb 25)
- Re: Network monitoring/IDS rant - What's hot what's not? Martin hepworth (Feb 26)
- Re: Network monitoring/IDS rant - What's hot what's not? Christopher L. Morrow (Feb 26)
- Re: Network monitoring/IDS rant - What's hot what's not? Pete Kruckenberg (Feb 26)
- Re: Network monitoring/IDS rant - What's hot what's not? Christopher L. Morrow (Feb 26)
- Re[2]: Network monitoring/IDS rant - What's hot what's not? Richard Welty (Feb 26)
- Re: Network monitoring/IDS rant - What's hot what's not? Petri Helenius (Feb 26)
- Re: Network monitoring/IDS rant - What's hot what's not? Pete Kruckenberg (Feb 26)
- Re: Network monitoring/IDS rant - What's hot what's not? Pete Kruckenberg (Feb 26)
- Re[2]: Network monitoring/IDS rant - What's hot what's not? Richard Welty (Feb 26)
- Re: Network monitoring/IDS rant - What's hot what's not? Christopher McCrory (Feb 26)
- <Possible follow-ups>
- Re: Network monitoring/IDS rant - What's hot what's not? Jeff Weisberg (Feb 26)
- Re: Network monitoring/IDS rant - What's hot what's not? Jared Mauch (Feb 26)