Best Enterprise Snort Configuration

[tfandango <tfandango () yahoo com>]

Good news, I have a go for a Snort R&D project to
prove that Snort can handle the traffic that our
current commercial $oftware does.

So I have a few questions...

What is the best enterprise setup?  I estimate that we
will need about 60-70 sensors when it's all said and
done.  For an R&D project, I figure that I will start
with about 2 sensors running linux.

So what snort-related tools do you guys like the best?
 I will probably try to use mySQL to start off with
and log to a central database somewhere.  But what
tools are available to remotely manage the snort
application, display the all sensor alerts in near
realtime on some central console (I assume this will
be something that polls the database), etc, etc.

Just looking for some opinions in this area!  Thanks!

tfandango 

__________________________________________________
Do you Yahoo!?
Yahoo! Shopping - Send Flowers for Valentine's Day
http://shopping.yahoo.com


-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users