using snort for an IDS/IPS appliance

[d a <xstoneheartx () yahoo com>]

Hi every body,
We have a pilot project to develop a primary appliance for 10 Gbps IPS/IDS. We 
want to use snort-2.9 as its detection engine and there is no limitation in 
hardware features (RAM: 24GB or more if is needed – CPU: Intel core i7 965 or 
more if is needed ….)
Now, there is an elementary question: Can snort be used for 10Gbps traffic rate? 
I know that snort performance depends on hardware features, number of enabled 
rules, preprocessors,… . But with the assumption of the simplest state, no 
limitation in hardware, using just signature based detection, how many rules 
approximately could be enabled to reach protection of 10 Gbps traffic? 

 
I have no idea about the possibility of using snort for this rate of traffic, 
but if it’s impossible in any way, do you think developing a hardware 
accelerator for pattern matching unit of snort or using multi snort sensors and 
breaking traffic between them can solve this problem?

Thanks a lot for your helps


------------------------------------------------------------------------------
Xperia(TM) PLAY
It's a major breakthrough. An authentic gaming
smartphone on the nation's most reliable network.
And it wants your games.
http://p.sf.net/sfu/verizon-sfdev

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel