Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: HW Specs

From: Rich Moffitt <lists () richmoffitt org>
Date: Mon, 21 Nov 2005 09:14:41 -0500
I'm not an everyday snort user lately, but I think there are a couple of
questions we need to ask:

1) What kinds of rules do you plan on using on this traffic?  (It'll
affect your processing needs)
2) You're on a 100Mbit switch, yet each interface will see 17 and 14GB
of traffic, respectively?  I'm confused.  What's the peak data rate
going through each interface?  (Obviously not above 100Mbit)
3) What kind of logging do you intend on doing?  Are you concerned about
having enough storage for this sensor?

Regards,
Rich

Brian J. Dyrehauge wrote:


Hey Snort Users!
 
I'm about to buy some hardware, and need to know what specs to go with.
I'll be using Snort and MySQL on the same machine. We'll be monitoring
on 2 NICs. Net traffic will be, as far as I've been informed by our
customer, 17 GB on one NIC and 14 GB on the other NIC. The switch is a
100 MB, which means no Gigabit traffic.
 
Do you guys have any recommendations as to what hardware I should buy?
Take into consideration that it has to be non-expensive. ;)
 
 
Yours sincerely,
Brian



-------------------------------------------------------
This SF.Net email is sponsored by the JBoss Inc.  Get Certified Today
Register for a JBoss Training Course.  Free Certification Exam
for All Training Attendees Through End of 2005. For more info visit:
http://ads.osdn.com/?ad_id=7628&alloc_id=16845&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: