RE: [fw-wiz] VPN concentrators

From: Nilesh Chaudhari (nileshch@yahoo.com)
Date: 08/30/02


From: Nilesh Chaudhari <nileshch@yahoo.com>
To: firewall-wizards@honor.icsalabs.com
Date: Fri Aug 30 07:30:02 2002


"R. DuFresne" wrote:
> > DMZ
> > |
> > +--(ids)
> > |
> > inet=====rtr---+--firewall---internal
> > [+vpn] |
> > |
> > (ids)
>
> But, don't you /\ find this IDS to be painfully over
> 'informative'? Or have you trained it down to near silence?

This IDS serves for both VPN as well as non-VPN traffic. So it cannot
be trained down to near silence. This ids looks for incoming as well as
outgoing traffic from internal network for suspicious traffic. The DMZ
ids has been customized only for the services running in the DMZ.

Whatever may be the traffic on the network, the ids has to be
customized to what signatures are important for you. One obviously
cannot use default installations of IDSes.

Regards,
Nilesh Chaudhari.

________________________________________________________________________
Want to sell your car? advertise on Yahoo Autos Classifieds. It's Free!!
       visit http://in.autos.yahoo.com



Relevant Pages

  • Re: [fw-wiz] How should an Internet connection/firewall be designed?
    ... on the DMZ and inside the firewall. ... to our internal network that require one-time-passwords and restricted ... How many companies have two serial firewalls from different vendors? ... How many companies still use IDS? ...
    (Firewall-Wizards)
  • Re: Setting up an IDS system
    ... > Network from 1-2 Stations ... Ofcourse IDS ... your DMZ servers and the internal network or ii) you may ... How important it is to also have an IDS system ...
    (Security-Basics)
  • Re: Setting up an IDS system
    ... This depends on how secure you need your network. ... some added security by setting up an IDS but don't necessarily work in ... How important it is to also have an IDS system monitoring the traffic ... > SAME DMZ IDS system with another NIC monitoring Inside Network Traffic? ...
    (Security-Basics)
  • Re: Usefulness of Network Intrusion Detection Systems
    ... >> usually at overtime rates? ... My IDS is in my internal network. ... The IDS has been incredibly useful in monitoring cracking and worm ...
    (Focus-IDS)
  • RE: IDS question [was: Re: Firewall and DMZ topology]
    ... > along the lines of having the IDS in the DMZ. ... > past the outside firewall to the DMZ hosts would be ... IDS to recognise attack signatures and you get advance ...
    (Security-Basics)