IDS mailing list archives
Re: IDS\IPS that can handle one Gig
From: Nick Black <dank () qemfd net>
Date: Mon, 6 Jun 2005 16:48:49 -0400
THolman () toplayer com assumed the extended riemann hypothesis and showed:
A box with one or two ASICs in is easily outperformed by a PC with the latest Intel processor, fast network cards and a good chunk of memory. However, the PC is more prone to hard disk failure, which is why you should never put one inline if uptime is critical.
This is a valid point, and the critical reason behind our decision at Reflex to use 16MB flash RAM devices on our sensor apparatus, reporting via dedicated mechanism to a management / aggregation device with RAID-backed mass store. Of course, this does not any panacea make, but it does facilitate and make more tolerable our stubborn reliance on COTS hardware. For our customers with need for true high availability, we offer a more complete solution that certainly doesn't end at store redundancy. It's been my observation, however, that such customers are few and far between (disclaimer: I speak with pretension of authority regarding neither the sales space nor Reflex's business plans). Perhaps these customers are simply flocking to the ASIC-based approaches, and I see disproportionately few; the ASIC model certainly has a panache about it (as does TopLayer's fine product -- kudos). -- nick black "np: the class of dashed hopes and idle dreams." -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
Current thread:
- Re: IDS\IPS that can handle one Gig, (continued)
- Re: IDS\IPS that can handle one Gig Bob Walder (Jun 05)
- Re: IDS\IPS that can handle one Gig Per Engelbrecht (Jun 01)
- RE: IDS\IPS that can handle one Gig Prashant Khandelwal (Jun 01)
- RE: IDS\IPS that can handle one Gig THolman (Jun 01)
- Re: IDS\IPS that can handle one Gig Peter Schawacker (Jun 01)
- RE: IDS\IPS that can handle one Gig Dave Hawkins (Jun 01)
- RE: IDS\IPS that can handle one Gig Palmer, Paul (ISSAtlanta) (Jun 04)
- RE: IDS\IPS that can handle one Gig THolman (Jun 04)
- Re: IDS\IPS that can handle one Gig Ed Gibbs (Jun 04)
- RE: IDS\IPS that can handle one Gig Chris Harrington (Jun 06)
- Re: IDS\IPS that can handle one Gig Nick Black (Jun 07)
- RE: IDS\IPS that can handle one Gig THolman (Jun 04)
- Re: IDS\IPS that can handle one Gig Mike Frantzen (Jun 06)
- Re: IDS\IPS that can handle one Gig Nick Black (Jun 07)
- Re: IDS\IPS that can handle one Gig Mike Frantzen (Jun 06)
- Re: IDS\IPS that can handle one Gig Ed Gibbs (Jun 06)
- IPS test criteria (was IDS\IPS that can handle one Gig) Bob Walder (Jun 07)
- RE: IDS\IPS that can handle one Gig Gary Halleen (Jun 06)
- RE: IDS\IPS that can handle one Gig Hovis, Chris (Jun 07)
- RE: IDS\IPS that can handle one Gig THolman (Jun 07)
- RE: IDS\IPS that can handle one Gig Edward Sohn (Jun 08)
- RE: IDS\IPS that can handle one Gig Barrett G . Lyon (Jun 08)
(Thread continues...)