Re: challenges in capturing Gigabit ethernet



Its not only installing GB NIC. An IDS/IPS must be capable of processing the packet at that speed. For this purpose, it makes use of HW accelerators, efficient algorithms and data structures.
I hope you have some idea now.
regards
-Sanjay


At 01:28 PM 12/23/2005, Siddharth Phadnis wrote:
Hi All,

Vendors have long been talking about gigabit ethernet capabilities of
their IDS/IPS. It got me thinking that is it just a simple matter of
installing a gigabit ethernet card in the appliance and capturing the
packets or is there any specialized hardware which is required.

In effect, what all challenges are involved in capturing packets off a
gigabit ethernet network so that packets do not drop. Does it just
involve the hardware or are there some considerations in software too?

Regards,
Siddharth



Sanjay Rawat Senior Software Engineer INTOTO Software (India) Private Limited Uma Plaza, Above HSBC Bank, Nagarjuna Hills PunjaGutta,Hyderabad 500082 | India Office: + 91 40 23358927/28 Extn 422 Website : www.intoto.com Homepage: http://sanjay-rawat.tripod.com






------------------------------------------------------------------------ Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
------------------------------------------------------------------------




Relevant Pages

  • Re: challenges in capturing Gigabit ethernet
    ... > installing a gigabit ethernet card in the appliance and capturing the ... > packets or is there any specialized hardware which is required. ... This is a simple comment from someone who is not an IDS/IPS expert, ...
    (Focus-IDS)
  • Re: Is Intuits TurboTax utilizing spyware in this years edition?
    ... computer is to look at the ethernet packets that flow from its bowels. ... The Gulpit packet sniffer source is free at http://www.crak.com. ... ever installing an operating system and it does not matter what operating ... >> date/time I had installed this years version of Intuit's TurboTax. ...
    (comp.security.misc)
  • Re: Is Intuits TurboTax utilizing spyware in this years edition?
    ... computer is to look at the ethernet packets that flow from its bowels. ... The Gulpit packet sniffer source is free at http://www.crak.com. ... ever installing an operating system and it does not matter what operating ... >> date/time I had installed this years version of Intuit's TurboTax. ...
    (comp.security.misc)
  • Re: windows Updater Site, unable to reach after update(KB893066)
    ... > After installing the following update through "Help and Support" Window, ... On computers that are running Microsoft Windows XP with Service Pack 1 ... > Datagram Protocol packets. ...
    (microsoft.public.windowsupdate)
  • Re: Microsoft Security Bulletin MS02-024
    ... I would read the out going packets and see whats going on myself. ... remember the GUID? ... > I have just tried installing Q320206 but have temporarily aborted it. ...
    (microsoft.public.win2000.security)