IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IPS Reliability/Availability

From: Bob Walder <bwalder () spamcop net>
Date: Thu, 23 Feb 2006 21:25:33 +0100
We already did - results are on our Web site at www.nss.co.uk

It will not be included in the MULTI-Gig test for fairly obvious reasons

Bob


On 23/2/06 19:50, "Sap ." <0xsapx0 () gmail com> wrote:


I know its not on the list but I would give the Cisco ASA appliances a
look, I'm not going to give you a sales pitch but here's a link :
http://www.cisco.com/en/US/products/ps6120/prod_brochure0900aecd80402ef4.html

- SaP -

On 2/22/06, Bob Walder <bwalder () spamcop net> wrote:

We have several IPS vendors submitting Multi-Gig IPS products on the Bivio
platform this year - results will be available in our multi-Gigabit IPS
report in the summer.

Results from testing 1Gbps products on this platform will be available in
the next few weeks

Having done some very "quick and dirty" tests of the Bivio box on its own, I
can confirm that the performance is pretty impressive, and the
architecture/scalability looks good.

Will be very interesting to see how the "software plus RISC" stacks up to
the "ASIC/FPGA" solutions over time in terms of both performance and cost -
should be an interesting report! :o)

Bob Walder
The NSS Group


On 20/2/06 01:40, "Alan Shimel" <ashimel () stillsecure com> wrote:


Marty

Correct me if I am wrong, but that is on the bivio box correct?
Interestingly our tests on this platform were well below the advertised
rates.  Are you planning any 3rd party testing of it?

alan


StillSecure
Alan Shimel
Chief Strategy Officer

O 303.381.3815
C 516.857.7409
F 303.381.3881
email ashimel () stillsecure com
blog http://ashimmy.typepad.com

www.stillsecure.com
The information transmitted is intended only for the person
to whom it is addressed and may contain confidential material.
Review or other use of this information by persons other than
the intended recipient is prohibited. If you've received
this in error, please contact the sender and delete
from any computer.

-----Original Message-----
From: Martin Roesch [mailto:roesch () sourcefire com]
Sent: Thursday, February 16, 2006 1:31 PM
To: David Williams
Cc: geek_brigades () yahoo com; focus-ids () securityfocus com
Subject: Re: IPS Reliability/Availability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi David,

You're referring to our IS 5800 chassis.  The 5800 is a carrier grade
platform that uses a multiple PowerPC CPUs as the application
processors.  It also uses a network processor for traffic management,
load balancing, and several other capabilities as well as another PPC
for systems management.  The system is fully fault tolerant, you can
hot swap power supplies, network interface modules (NIMs), fan trays,
hard drives and even processor boards without requiring a restart of
the system.  The NIMs also offer power-off fail-open capability.
Furthermore, the chassis is extensible, it's got a backplane
connector so you can attach another chassis to it and distribute the
applications and traffic across up to 8 more application CPUs (yep,
14 CPUs of Snorting fury) so you've got some pretty significant
investment protection as well because you don't need to get out your
forklift to go to the "next step up platform" to get more
performance, you just add computing power as needed and we can run
all of our network-facing applications on it.

We have configurations that offer 2 or 6 CPUs for our applications
right now and you can run intrusion detection, prevention or RNA in
any combination you like on the device at the same time on it.  For
example, you could have one chassis with 4 ports doing IPS, 2 ports
doing IDS and 2 running RNA.

Performance is very good as well, multi-gig processing is available
even in the 2 CPU configuration but obviously I don't have any third
party testing to point to so you can take that for what it's worth.

      -Marty

- --
Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
Sourcefire - Security for the Real World - http://www.sourcefire.com
Snort: Open Source Network IDS - http://www.snort.org




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)

iD8DBQFD9MTvqj0FAQQ3KOARAuKtAJ9zokhur/6W+ASEAaJVRbg/fqeFJACfRoAX
F7rAUA+dmmx1RFnPWj8PR0c=
=eVYv
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------




------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------






------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: