RE: IDS\IPS that can handle one Gig
From: Andrew Plato (andrew.plato_at_anitian.com)
Date: 06/10/05
- Previous message: Drew Simonis: "Re: on NIDS/NIPS tuning"
- Maybe in reply to: THolman_at_toplayer.com: "RE: IDS\IPS that can handle one Gig"
- Next in thread: ian.bamford_at_vigilantminds.com: "Re: RE: IDS\IPS that can handle one Gig"
- Maybe reply: ian.bamford_at_vigilantminds.com: "Re: RE: IDS\IPS that can handle one Gig"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 10 Jun 2005 09:29:13 -0700 To: "Edward Sohn" <edwardsohn@sbcglobal.net>, <THolman@toplayer.com>, <focus-ids@securityfocus.com>
I have an extremely hard time accepting that this was a fair or real
test. I've thrown "gigs of traffic" at a TippingPoint and there was no
dying at all. I've seen them under intense ddos attacks - no problem. I
have numerous customers with "gigs of traffic" running through TP, never
have a problem with performance.
We sell Top Layer. I sold a fair number of them in 2004. They're okay
IPSs. Good performance and excellent at ddos. But, they have ample
weaknesses. You pointed out some (their business/support side is
abysmal.) We moved over to TippingPoint to replace TopLayer, because TP
did more and has outstanding performance.
Also - TippingPoint is ASIC based and can do rate limiting. In fact, Top
Layer and Tipping Point have VERY similar architectures. Their engines
are different, but their basic hardware really isn't that dissimilar.
___________________________________
Andrew Plato, CISSP
President/Principal Consultant
ANITIAN ENTERPRISE SECURITY
3800 SW Cedar Hills Blvd, Suite 280
Beaverton, OR 97005
503-644-5656 Office
503-214-8069 Fax
503-201-0821 Mobile
www.anitian.com
___________________________________
-----Original Message-----
From: Edward Sohn [mailto:edwardsohn@sbcglobal.net]
> I have actually tested the Top Layer boxes against
> a signature-based solution like Tipping Point and
> Mazu Networks. In short, the Tipping Point box died
> because it couldn't handle the gigs of traffic we
> threw at it--exactly what Tim is describing below.
> The Mazu box worked similarly.
--------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------
- Previous message: Drew Simonis: "Re: on NIDS/NIPS tuning"
- Maybe in reply to: THolman_at_toplayer.com: "RE: IDS\IPS that can handle one Gig"
- Next in thread: ian.bamford_at_vigilantminds.com: "Re: RE: IDS\IPS that can handle one Gig"
- Maybe reply: ian.bamford_at_vigilantminds.com: "Re: RE: IDS\IPS that can handle one Gig"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
