Re: challenges in capturing Gigabit ethernet

From: Sanjay Rawat <sanjayr@xxxxxxxxxx>
Date: Wed, 28 Dec 2005 10:10:12 +0530

Its not only installing GB NIC. An IDS/IPS must be capable of processing the packet at that speed. For this purpose, it makes use of HW accelerators, efficient algorithms and data structures. I hope you have some idea now. regards -Sanjay

At 01:28 PM 12/23/2005, Siddharth Phadnis wrote:

Hi All,

Vendors have long been talking about gigabit ethernet capabilities of
their IDS/IPS. It got me thinking that is it just a simple matter of
installing a gigabit ethernet card in the appliance and capturing the
packets or is there any specialized hardware which is required.

In effect, what all challenges are involved in capturing packets off a
gigabit ethernet network so that packets do not drop. Does it just
involve the hardware or are there some considerations in software too?

Regards,
Siddharth


Sanjay Rawat
Senior Software Engineer
INTOTO Software (India) Private Limited
Uma Plaza, Above HSBC Bank, Nagarjuna Hills
PunjaGutta,Hyderabad 500082 | India
Office: + 91 40 23358927/28 Extn 422
Website : www.intoto.com
  Homepage: http://sanjay-rawat.tripod.com


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------

Follow-Ups:
- Re: challenges in capturing Gigabit ethernet
  - From: Mike

References:
- challenges in capturing Gigabit ethernet
  - From: Siddharth Phadnis

Prev by Date: RE: Remote IDS Testing - Config question
Next by Date: Re: challenges in capturing Gigabit ethernet
Previous by thread: challenges in capturing Gigabit ethernet
Next by thread: Re: challenges in capturing Gigabit ethernet
Index(es):
- Date
- Thread

Relevant Pages

Re: challenges in capturing Gigabit ethernet
... > installing a gigabit ethernet card in the appliance and capturing the ... > packets or is there any specialized hardware which is required. ... This is a simple comment from someone who is not an IDS/IPS expert, ...
(Focus-IDS)
Re: Is Intuits TurboTax utilizing spyware in this years edition?
... computer is to look at the ethernet packets that flow from its bowels. ... The Gulpit packet sniffer source is free at http://www.crak.com. ... ever installing an operating system and it does not matter what operating ... >> date/time I had installed this years version of Intuit's TurboTax. ...
(comp.security.misc)
Re: Is Intuits TurboTax utilizing spyware in this years edition?
... computer is to look at the ethernet packets that flow from its bowels. ... The Gulpit packet sniffer source is free at http://www.crak.com. ... ever installing an operating system and it does not matter what operating ... >> date/time I had installed this years version of Intuit's TurboTax. ...
(comp.security.misc)
Re: windows Updater Site, unable to reach after update(KB893066)
... > After installing the following update through "Help and Support" Window, ... On computers that are running Microsoft Windows XP with Service Pack 1 ... > Datagram Protocol packets. ...
(microsoft.public.windowsupdate)
Re: Microsoft Security Bulletin MS02-024
... I would read the out going packets and see whats going on myself. ... remember the GUID? ... > I have just tried installing Q320206 but have temporarily aborted it. ...
(microsoft.public.win2000.security)