Firewall Wizards mailing list archives

Re: future of IDS

From: "Owen O'Connor" <owenc () panix com>
Date: Mon, 19 Oct 1998 12:27:29 -0400 (EDT)


On Fri, 16 Oct 1998, Martin W Freiss wrote:

... where the capture engine is in the firmware of the switch (hey, free
product idea for the rest of you :-)). Tough for statistical analysis,
should be doable for more signature based IDSes.


ISS for one have been talking about exactly this for quite some time. See
for example http://www.iss.net/prod/tpo/rs_faq.html. ODS are jumping in
bed with a number of NIDS vendors to put agents on the switch, see
http://web.ods.com/ for details. I seem to recall that Cisco are talking
about putting their NIDS product onto a Cisco blade for use in all your
boder (and possibly interior) routers. This IMHO is where an IETF standard
on data transfer would be useful.

Owen O'Connor

Current thread:

future of IDS Colin Campbell (Oct 16)
- Re: future of IDS Bennett Todd (Oct 16)
  - Re: future of IDS Martin W Freiss (Oct 19)
    - Re: future of IDS Owen O'Connor (Oct 23)
  - Message not available
    - Re: future of IDS Bennett Todd (Oct 23)
    - Re: future of IDS Dominique Brezinski (Oct 27)
    - Re: future of IDS Bennett Todd (Oct 28)
    - Re: future of IDS David LeBlanc (Oct 28)
- Re: future of IDS Gigi Sullivan (Oct 16)
  - Re: future of IDS David Lang (Oct 19)
- RE: future of IDS Tupshin Harper (Oct 16)
  - Re: future of IDS Adam Shostack (Oct 19)
    - Re: future of IDS John Ladwig (Oct 23)
  - RE: future of IDS Jonathan Rozes (Oct 19)

(Thread continues...)