RE: switch recommendations

From: Andrew Cutts (andy@networkcritical.com)
Date: 08/01/02


From: "Andrew Cutts" <andy@networkcritical.com>
To: <focus-ids@securityfocus.com>
Date: Thu, 1 Aug 2002 09:18:37 +0100


You can also get hold of Top Layer equipment through eBay.
http://cgi.ebay.co.uk/ws/eBayISAPI.dll?ViewItem&item=2040993167

-----Original Message-----
From: Adam Powers (E-mail) [mailto:apowers@lancope.com]
Sent: 01 August 2002 03:16
To: 'Carl Johnson'; 'Scott C. Kennedy'; cconn@worldbank.org
Cc: focus-ids@securityfocus.com
Subject: RE: switch recommendations

I would look at an Alteon 180e (now owned by Nortel). Alteon introduced IDS
loadbalancing with the 9.0 code (available for over a year, moderately
stable). While the Alteon IDS loadbalancing metrics include only src/dst ip
hash, roundrobin, and minmiss, it's better than nothing at all. Since the
180e can't do L4 loadbalancing for IDSs, it's ruled out in many cases where
port based decisions are required (i.e. sending web traffic to a specific
machine configured with only web sigs).

Possibly the greatest upside to the Alteon is that you can get one on eBay
for $3000 or less. Incredible considering these boxes once retailed for
$16K.

-Adam P.

-----Original Message-----
From: Carl Johnson [mailto:carl.johnson@overture.com]
Sent: Wednesday, July 31, 2002 5:49 PM
To: 'Scott C. Kennedy'; cconn@worldbank.org
Cc: focus-ids@securityfocus.com
Subject: RE: switch recommendations

So are there any alternatives to Top Layer? Or do they have a monopoly on
this small market?

Carl

> I think you're going to have the same response I got when I
> talked to Arrowpoint/
> Cisco about using the CSS-11150 to do the same thing....
>
> The answer I got from most vendors, was "we can't do that"