Firewall Wizards mailing list archives

Re: future of IDS

From: Martin W Freiss <freiss.pad () sni de>
Date: Fri, 16 Oct 98 22:55:20 MDT

Bennett Todd writes:


My own prediction is that we're going to see a strong trend towards a new
archicture (supposedly available or at least under development for the
commercial NFR, at least), where the IDS is partitioned into capture and
analysis engines, and the capture engine is designed to be replicated over as
many hosts as needed.


... where the capture engine is in the firmware of the switch (hey, free
product idea for the rest of you :-)). Tough for statistical analysis,
should be doable for more signature based IDSes.

-Martin

--
 Martin Freiss, MF194        | freiss.pad () sni de | http://www.rmi.de/~marvin
 Siemens ICN VD IT NET Consulting, Solution Team Internet / Intranet
Half male, half e-mail.

Current thread:

future of IDS Colin Campbell (Oct 16)
- Re: future of IDS Bennett Todd (Oct 16)
  - Re: future of IDS Martin W Freiss (Oct 19)
    - Re: future of IDS Owen O'Connor (Oct 23)
  - Message not available
    - Re: future of IDS Bennett Todd (Oct 23)
    - Re: future of IDS Dominique Brezinski (Oct 27)
    - Re: future of IDS Bennett Todd (Oct 28)
    - Re: future of IDS David LeBlanc (Oct 28)
- Re: future of IDS Gigi Sullivan (Oct 16)
  - Re: future of IDS David Lang (Oct 19)
- RE: future of IDS Tupshin Harper (Oct 16)
  - Re: future of IDS Adam Shostack (Oct 19)
    - Re: future of IDS John Ladwig (Oct 23)

(Thread continues...)