RE: high speed nids

From: Chris Deibler (chris.deibler@vigilantminds.com)
Date: 08/03/01 

Message-ID: <9B515520AA3CD411B36900508B6636B50956B3CC@mi8nycmail02.mi8.com>
From: Chris Deibler <chris.deibler@vigilantminds.com>
To: focus-ids@securityfocus.com
Subject: RE: high speed nids
Date: Fri, 3 Aug 2001 13:19:29 -0400

        A rumor shared by many. As it stands, the NetworkICE Gigabit Sentry
is the only realistic choice for giga-speed IDS, and ISS was shrewd to
purchase that ability. As far as the engine is concerned, the NI products
actually mirror the IP stack for decoding and detection, as opposed to
inserting shims into the stack, a technique used by many other IDS vendors.
Part of my company's offerings is the resale of NetworkICE (value added or
straight), and we have been continually impressed with the performance of
the engine. Doesn't match the sheer fun-factor of a rack of snort boxes,
but hey, what does?

Chris Deibler
VigilantMinds, Inc.

-----Original Message-----
From: Mike Johnson [mailto:mikej@opennms.org]
Sent: Friday, August 03, 2001 10:53 AM
To: focus-ids@securityfocus.com
Subject: Re: high speed nids

Chris Deibler [chris.deibler@vigilantminds.com] wrote:
> NetworkICE (now ISS property) has a gigabit-capable sentry offering.
> However, whether this product survives the consolidation is subject to
> conjecture. In any case, I suggest checking it out. I have considerable
> experience with their other sentries, and find them useful.

Rumor has it that this technology is the exact reason that ISS
bought NetworkICE. I'd be willing to bet that it'd survive
the buyout. That's not to say it won't morph into something else,
but ISS doesn't have any way of doing gigabit capable stuff
without either the expensive Toplayer stuff or the tech from
NetworkICE.

Mike 

-- 
Mike Johnson -- mikej@opennms.org
OpenNMS -- http://www.opennms.org
--
Like many things in awk, the majority of the time things 
work as you would expect them to work.  -- The GNU Awk User's Guide.

Relevant Pages

  • Re: Search for snoopy
    ... The cost of preserving ISS would be quite high. ... ISS's US solar panels give a little more than 30kW, ... How would the thrust of such an engine compare with the atmospheric drag ... available from the ISS solar panels means a very low thrust VASMIR ...
    (sci.space.policy)
  • RE: high speed nids
    ... Subject: high speed nids ... > NetworkICE (now ISS property) has a gigabit-capable sentry offering. ... -- The GNU Awk User's Guide. ...
    (Focus-IDS)
  • Re: VASIMIR test on ISS
    ... VASIMIR all over the Internet. ... The test engine itself shouldn't be all that heavy. ... HTV has a section devoted to non-pressurized cargo, and since it will attached to the exterior of the ISS anyhow, there's no reason to take it inside of the ISS before attaching it, so it could be put in place via a EVA after being brought up on a HTV. ...
    (sci.space.policy)
  • Re: Atlas V to be man-rated
    ... and get astronauts to the ISS again without ... lion's share of the manned space budget. ... to push for a less desirable LOX/kerosene engine? ...
    (sci.space.policy)