IDS mailing list archives

Previous By Date Next
Previous By Thread Next

High availability design of NIDS

From: "Vincent IP" <pong () cs ust hk>
Date: Tue, 22 Feb 2005 17:26:43 +0800 (HKT)
Hi all,

I am now designing an NIDS solution. In the design, I would like to
include high availability (HA) feature for my NIDS solution so that when
one of the sensor is dead, the other (resilient) sensor can take up the
monitoring job automatically.

If the NIDS is not running in stealthy mode, I think I could use the
Cluster service of Windows to monitor the network in HA mode. (assuming
both sensors can listen to all traffics in the network).

However, if I need to run the NIDS in stealthy mode, could I also use the
Cluster service to monitor the network in HA mode? Are there any products
already enabling HA feature?

Thank you very much.

Regards,
Pong


--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: