Re: IDS\IPS that can handle one Gig

From: Nick Black (dank_at_qemfd.net)
Date: 06/06/05

Next message: Bob Walder: "IPS test criteria (was IDS\IPS that can handle one Gig)"

Previous message: Nick Black: "Re: IDS\IPS that can handle one Gig"
In reply to: THolman_at_toplayer.com: "RE: IDS\IPS that can handle one Gig"
Next in thread: THolman_at_toplayer.com: "RE: IDS\IPS that can handle one Gig"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 6 Jun 2005 16:48:49 -0400
To: THolman@toplayer.com

THolman@toplayer.com assumed the extended riemann hypothesis and showed:
> A box with one or two ASICs in is easily outperformed by a PC with the
> latest Intel processor, fast network cards and a good chunk of memory.
> However, the PC is more prone to hard disk failure, which is why you should
> never put one inline if uptime is critical.

This is a valid point, and the critical reason behind our decision at
Reflex to use 16MB flash RAM devices on our sensor apparatus, reporting
via dedicated mechanism to a management / aggregation device with
RAID-backed mass store. Of course, this does not any panacea make, but
it does facilitate and make more tolerable our stubborn reliance on
COTS hardware.

For our customers with need for true high availability, we offer a
more complete solution that certainly doesn't end at store redundancy.
It's been my observation, however, that such customers are few and far
between (disclaimer: I speak with pretension of authority regarding
neither the sales space nor Reflex's business plans). Perhaps these
customers are simply flocking to the ASIC-based approaches, and I see
disproportionately few; the ASIC model certainly has a panache about
it (as does TopLayer's fine product -- kudos).

-- 
nick black          "np:  the class of dashed hopes and idle dreams."
--------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------

Next message: Bob Walder: "IPS test criteria (was IDS\IPS that can handle one Gig)"

Previous message: Nick Black: "Re: IDS\IPS that can handle one Gig"
In reply to: THolman_at_toplayer.com: "RE: IDS\IPS that can handle one Gig"
Next in thread: THolman_at_toplayer.com: "RE: IDS\IPS that can handle one Gig"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]