IDS on Switched Networks

From: Paul W. Stoecker, Ph.D. (
Date: 12/05/01

Date: Tue, 04 Dec 2001 20:55:55 -0500
From: "Paul W. Stoecker, Ph.D." <>


If you are on a switched network, do you have to place your NIDS sensor
in a location that can capture everything. For instance, my firewall is
connected into a router which contains all of my switches and acts as a
switch itself.

Do I have to put the sensor in the critical path? Does that mean that I
have to put a sensor on the Firewall, use another machine that is a
router, or do I need a hub for the sensor and firewall to share?

Your help is greatly appreciated.


Paul W. Stoecker, Ph.D
Network and Information Systems Manager
Checkpoint Certified Security Administrator
Panasonic Technologies Company
Two Research Way
Princeton, NJ  08540
Phone:  (609) 734-7584
FAX:	(609) 987-8827

Relevant Pages

  • Re: Newbie Questions
    ... The IT guys at work are hush hush about everything. ... I assume that the router ... They have like five switches with 16 or so ... They also have a Cyberguard firewall, ...
  • Looking for 8-port switch / firewall / router
    ... - firewall ... (An absolute optional would also be an 802.11g WLAN router ... Unfortuately there does not seem to be such a piece of hardware on the ... I have found only 4-port switches which have additional ...
  • Re: Kein Ping möglich
    ... >und genau im Router ist eine Firewall. ... ein cross-over Kabel zusammenhänge habe ich keinen Ping. ... Netzwerk, also Switches anpinge, dann bekomme ich einen ...
  • Re: Busch and Mueller taillight question
    ... have a light sensor as well as a motion sensor, ... That's the way the lamp is supposed to operate, ... switches it off after a delay, absence of movement switches it off ...
  • Re: Need help to extend capabilities of a simple proximity circuit
    ... I have extended the kit with another kit to add relay ... So when an object nears the sensor it switches the ... All this is a simple kit set circuit that runs on 12V. ...