Re: Considering nSight, any options?

[Steven Rakick <stevenrakick () yahoo com>]

Jason,
Been running nSight for a little over a year now with data purge after 13 months. We have 3 agents at remote offices 
with each inspecting the traffic of around 700-900 hosts. It's been quite helpful. We *had* a ton of P2P traffic in our 
networks.
 
When we started out last year, we tried to host all 3 agents on a low end HP blade (with a laptop hd). After about 2 
months it became very slow (mostly due to disk IO). We upgraded to a faster blade with fast SCSI disk and it's been 
flying along ever since. 
 
Steve
 
 
 
On 7/28/05, Jason Heschel <jason.heschel () gmail com> wrote:
> Hi list,
>
> I tried sending this to a SecurityFocus list but I think everyone's at
> Blackhat or something. :)
>
> We've spent the last few weeks evaluating nSight (www.intrusense.com).
> It's been very helpful in identifying exactly what, when and who is
> eatting up all of our internal network bandwdith as well expose some
> 'strange' internal network behavior which was causing some
> intermittent problems with our Windows hosts.  Anyways, we're now
> considering making a purchase.
>
> I'm curious to hear any opinions, problems or praise people have for
> this software. Does it scale well? It seems to collect a lot of
> information. How does it perform after collecting several months worth
> of data?
>
> -jason
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/



__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/