RE: [fw-wiz] VPN concentrators

From: Nilesh Chaudhari (nileshch@yahoo.com)
Date: 08/30/02


From: Nilesh Chaudhari <nileshch@yahoo.com>
To: firewall-wizards@honor.icsalabs.com
Date: Fri Aug 30 07:30:02 2002


"R. DuFresne" wrote:
> > DMZ
> > |
> > +--(ids)
> > |
> > inet=====rtr---+--firewall---internal
> > [+vpn] |
> > |
> > (ids)
>
> But, don't you /\ find this IDS to be painfully over
> 'informative'? Or have you trained it down to near silence?

This IDS serves for both VPN as well as non-VPN traffic. So it cannot
be trained down to near silence. This ids looks for incoming as well as
outgoing traffic from internal network for suspicious traffic. The DMZ
ids has been customized only for the services running in the DMZ.

Whatever may be the traffic on the network, the ids has to be
customized to what signatures are important for you. One obviously
cannot use default installations of IDSes.

Regards,
Nilesh Chaudhari.

________________________________________________________________________
Want to sell your car? advertise on Yahoo Autos Classifieds. It's Free!!
       visit http://in.autos.yahoo.com