Snort mailing list archives

RE: IDS Placement ideas for inside and outside a firewall.


From: "Drew Stockman" <Drew.Stockman () cibmis com>
Date: Wed, 2 Apr 2003 14:50:14 -0600

We have a "dirty" hub in between the routers and firewalls.  Lets us have the IDS, and if we ever need to sniff traffic 
for troubleshooting purposes, just plug into the hub.
 

Drew Stockman 
Security Analyst 
CIBMIS 

-----Original Message-----
From: Brei, Matt [mailto:mbrei () medclaiminc com]
Sent: Wednesday, April 02, 2003 1:43 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] IDS Placement ideas for inside and outside a firewall.



Hi everyone.  I am trying to convince my company to implement IDS on our network but I have a few questions.  I know I 
would want one on both sides of the firewall, but on a switched network, how would I force traffic to go through Snort 
before it reached its destination?  Also, the way it's set up now, the Cisco 1751 router goes right into the Cisco PIX 
501 firewall and from there into a switch.  How would I place an IDS between the firewall and switch?

