Re: recommendations regarding IPS

["Hegger, Stefan" <Stefan.Hegger () lycos-europe com>]

Hi 

On Fri, 2006-03-31 at 08:50 -0500, Robert E.Seastrom wrote:
> "Hegger, Stefan" <Stefan.Hegger () lycos-europe com> writes:
>
> > hope not bothering you but I'm looking for some experiences with IPS
> > systems. There are several vendors but is there a recommandation or some
> > tests? As Service provider we need a system which handles the scanning
> > in hardware and it should work as a layer2 bridge (no IP).
>
> what speed, what problem are you trying to solve, and what do you mean
> by "in hardware"?  no fpgas?  :)

We have a 2 Gbps connection with about about 200kpps in- and outgoing
traffic, and I don't want to pipe the traffic through software, fpgas
are ok.
Our problems are DDoS and we want to have a stateful packet inspection.
The system should not be "static" there should be something like anomaly
detection. It should report if there is "strange" traffic. And of course
the normal stuff as Intrusion detection (worms, botnets etc.)

Stefan  

-- 
Stefan Hegger
Lycos Europe GmbH
Carl-Bertelsmann Str. 21
Postfach 315
33311 Guetersloh

email:Stefan.Hegger () lycos-europe com
Tel: +49 5241 80 71334
FAX:+49 5241 80671334
Mob:+49 170 1892720

Attachment: signature.asc
Description: This is a digitally signed message part