Firewall Wizards mailing list archives

Re: future of IDS

From: Bennett Todd <bet () mordor net>
Date: Fri, 16 Oct 1998 13:23:35 -0400

1998-10-15-12:24:24 Colin Campbell:

[...] With the likelihood that more and more hubs are going to disappear and
be replaced by switches, where does that leave the humble IDS that can no
longer see all the traffic it needs to, to do its job?


Interesting question. Different folks will come up with different answers, I'm
sure.

My own prediction is that we're going to see a strong trend towards a new
archicture (supposedly available or at least under development for the
commercial NFR, at least), where the IDS is partitioned into capture and
analysis engines, and the capture engine is designed to be replicated over as
many hosts as needed.

-Bennett

Current thread:

future of IDS Colin Campbell (Oct 16)
- Re: future of IDS Bennett Todd (Oct 16)
  - Re: future of IDS Martin W Freiss (Oct 19)
    - Re: future of IDS Owen O'Connor (Oct 23)
  - Message not available
    - Re: future of IDS Bennett Todd (Oct 23)
    - Re: future of IDS Dominique Brezinski (Oct 27)
    - Re: future of IDS Bennett Todd (Oct 28)
    - Re: future of IDS David LeBlanc (Oct 28)
- Re: future of IDS Gigi Sullivan (Oct 16)
  - Re: future of IDS David Lang (Oct 19)
- RE: future of IDS Tupshin Harper (Oct 16)
  - Re: future of IDS Adam Shostack (Oct 19)

(Thread continues...)