Re: IDS architecture

[Rhoades.Jon <Rhoades.Jon () ensco com>]

Do you want to look at them in one place or 4 places?

What frontend are you running to view events?

All unix based?

If logged centrally only and that box dies does it matter? Redundancy / backup question.

Jon



On Nov 16, 2012, at 5:42 PM, "k vijay sai prashanth" <vijaysaiprashanth () gmail com> wrote:

> I have asked this question before and din't get any straightforward replies so he goes my question again.
>
> I have four sensor logging events to a database on the local machine. How should the architecture usually be? Should 
> all the sensors be logging events to a common database server? How do I implement this database server. This question 
> may seem trivial but please humour me and be as clear as possible.
>
> Thanks and Regards,
> Prashanth
> ------------------------------------------------------------------------------
> Monitor your physical, virtual and cloud infrastructure from a single
> web console. Get in-depth insight into apps, servers, databases, vmware,
> SAP, cloud infrastructure, etc. Download 30-day Free Trial.
> Pricing starts from $795 for 25 servers or applications!
> http://p.sf.net/sfu/zoho_dev2dev_nov
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort news!

The information contained in this email message is intended only for the use of the individual(s) to whom it is 
addressed and may contain information that is privileged and sensitive. If you are not the intended recipient, or 
otherwise have received this communication in error, please notify the sender immediately by email at the above 
referenced address and note that any further dissemination, distribution or copying of this communication is strictly 
prohibited.

The U.S. Export Control Laws regulate the export and re-export of technology originating in the United States. This 
includes the electronic transmission of information and software to foreign countries and to certain foreign nationals. 
Recipient agrees to abide by these laws and their regulations -- including the U.S. Department of Commerce Export 
Administration Regulations and the U.S. Department of State International Traffic in Arms Regulations -- and not to 
transfer, by electronic transmission or otherwise, any content derived from this email to either a foreign national or 
a foreign destination in violation of such laws.

------------------------------------------------------------------------------
Monitor your physical, virtual and cloud infrastructure from a single
web console. Get in-depth insight into apps, servers, databases, vmware,
SAP, cloud infrastructure, etc. Download 30-day Free Trial.
Pricing starts from $795 for 25 servers or applications!
http://p.sf.net/sfu/zoho_dev2dev_nov
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!