Re: Firewall and IDS, (the second way).

From: Marco Ivaldi (raptorat_private)
Date: Mon Mar 18 2002 - 03:58:57 PST

Next message: Jeremiah Grossman: "Re: CSS implication"

Previous message: zero: "Re: CSS implication"
Maybe in reply to: sekureat_private: "Firewall and IDS, (the second way)."
Next in thread: PJD@portcullis-security.com: "RE: Firewall and IDS, (the second way)."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Some commercial IDS use special a special Ethernet device that is
> supposed to be invisible.

If you want your sensor to be non-invasive and undetectable, it's highly
suggested that you use a special device, like the Shomiti (now Finisar)
Century TAP:

http://www.finisar.com/product/product.php?product_id=69&product_category_id=41

PROS: full duplex support, fault tolerant, non-invasive network
monitoring, undetectable, useful for switched environments (there's no
longer need for a span port).

CONS: it's expensive for small environments.

Hope that helps,

+------------------------------------------------------------+
|Marco Ivaldi                    Email:  miat_private
|Security Manager                Phone:  (+39)-011-32.72.100
|D.S.D. Data Security Division   Fax:    (+39)-011-32.46.497
|@ Mediaservice.net Srl          http://www.0xdeadbeef.eu.org
|Get my PGP pubkey at http://www.0xdeadbeef.eu.org/raptor.asc

Next message: Jeremiah Grossman: "Re: CSS implication"
Previous message: zero: "Re: CSS implication"
Maybe in reply to: sekureat_private: "Firewall and IDS, (the second way)."
Next in thread: PJD@portcullis-security.com: "RE: Firewall and IDS, (the second way)."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Mar 18 2002 - 09:13:26 PST