Snort mailing list archives
Re: 10gb deployment hardware req
From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Sun, 25 Sep 2016 00:39:53 +0000
I've heard they are good. I have no experience with them myself. Generally we recommend when you get above 4G a second, you should start looking at commercial boxes like the firePOWER line that we make. Management of that much traffic, alerts, engines, rules, configurations, then it comes to updating. It's a lot. Sent from my iPhone On Sep 24, 2016, at 8:35 PM, Ludwig Goon <lagoon7 () gmail com<mailto:lagoon7 () gmail com>> wrote: I looked at endace cards, they are costly and they actually work well with Linux. they are mentioned in the afore mentioned paper. This is assuming you have fibre. On Sat, Sep 24, 2016 at 5:10 PM, Dalten 22 <Dalten22 () hotmail com<mailto:Dalten22 () hotmail com>> wrote: Some good reading, if nothing else: https://www.sans.org/reading-room/whitepapers/intrusion/open-source-ids-high-performance-shootout-35772 ________________________________ From: Stephen Safranek <safranek () binghamton edu<mailto:safranek () binghamton edu>> Sent: Friday, September 23, 2016 9:32 AM To: snort-users () lists sourceforge net<mailto:snort-users () lists sourceforge net> Subject: [Snort-users] 10gb deployment hardware req Can anyone offer recommendations for sensor hardware? Looking to deploy snort 10GB speed in a higher ed environment and I am unable to find info on hardware reqs so far. Other than PF_ring capability, can anyone offer what they have used in their own environment for speeds such as this? Thanks in advance. ------------------------------------------------------------------------------ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net<mailto:Snort-users () lists sourceforge net> Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news! ------------------------------------------------------------------------------ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net<mailto:Snort-users () lists sourceforge net> Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- 10gb deployment hardware req Stephen Safranek (Sep 23)
- Re: 10gb deployment hardware req Dalten 22 (Sep 24)
- Re: 10gb deployment hardware req Ludwig Goon (Sep 24)
- Re: 10gb deployment hardware req Joel Esler (jesler) (Sep 24)
- Re: 10gb deployment hardware req Rob MacGregor (Sep 26)
- Re: 10gb deployment hardware req Ludwig Goon (Sep 24)
- Re: 10gb deployment hardware req Dalten 22 (Sep 24)