IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IDS\IPS that can handle one Gig

From: Nick Black <dank () qemfd net>
Date: Mon, 6 Jun 2005 16:48:49 -0400
THolman () toplayer com assumed the extended riemann hypothesis and showed:

A box with one or two ASICs in is easily outperformed by a PC with the
latest Intel processor, fast network cards and a good chunk of memory.
However, the PC is more prone to hard disk failure, which is why you should
never put one inline if uptime is critical.


This is a valid point, and the critical reason behind our decision at
Reflex to use 16MB flash RAM devices on our sensor apparatus, reporting
via dedicated mechanism to a management / aggregation device with
RAID-backed mass store. Of course, this does not any panacea make, but
it does facilitate and make more tolerable our stubborn reliance on 
COTS hardware.

For our customers with need for true high availability, we offer a
more complete solution that certainly doesn't end at store redundancy.
It's been my observation, however, that such customers are few and far
between (disclaimer: I speak with pretension of authority regarding
neither the sales space nor Reflex's business plans). Perhaps these
customers are simply flocking to the ASIC-based approaches, and I see
disproportionately few; the ASIC model certainly has a panache about
it (as does TopLayer's fine product -- kudos).

-- 
nick black          "np:  the class of dashed hopes and idle dreams."

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: