Re: Taps supporting traffic aggregation ...

["Andy Cuff" <lists () securitywizardry com>]

Hi Ken,
You certainly posted a good vendor marketing mail, and having seen the IDS
balancer previously it appeared to be fairly impressive.  BUT, surely there
must be some disadvantages of a balancer over a tap such as data stream
injection of crafted reset and unreachable packets?

Comments inline
Talisker Security Tools Directory
http://www.securitywizardry.com

> The best way to do this is using an IDS Balancer. (possibly the only way
to
> do it right)

A very bold marketing statement!
> The IDS Balancer will:
> a) Aggregate the traffic

So will a tap

> b) Filter the traffic (if you want to do that, so that you can send
> different traffic to different sensors)

With a Tap you can send all the traffic to all sensors and then apply
appropriate policies to reduce the traffic load problem. This perhaps is not
as efficient as the Load Balancer but is a viable method to spread the
comutational load.

> c) Create multiple copies (e.g. same traffic to 2 different sensors)

As you can with a Tap

> d) Load balance the traffic to groups of sensors.

As you can with a Tap
> The pricing of the Top Layer IDS Balancer is very close to the prices of
> taps.

Really, that's good

> The ROI of the IDS Balancer is so compelling that most of out customers
> admit that the savings pay for the IDS Balancer from day one.
>
> The Top Layer IDS Balancer is a family of products from entry level fast
> Ethernet configurations to multi-GigE.
> Note: I work for Top Layer.

Figured That
>


---------------------------------------------------------------------------
---------------------------------------------------------------------------