Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: IPS Reliability/Availability

from [CraigPaterson] Network Security [Permanent Link]
Subject: RE: IPS Reliability/Availability
Date: Fri, 3 Feb 2006 08:37:46 -0000 

Network critical do a range of inline taps in their v-line range.
you have two ips units connected to this unit and in normal working your live 
traffic will pass through the primary unit. If the primary dies then the 
traffic is re-routed via the secondary. If this fails then the unit will go 
into bypass mode. The unit also goes to bypass on power or any other problems 
with the tap.

We use these units with Packetshapers and they work very well, during testing 
we experienced a maximum of 2 secs downtime during failure scenarios.

website is http://www.networkcritical.com

Cheers,
        Craig

-----Original Message-----
From: Chris Serafin [mailto:chris@chrisserafin.com]
Sent: 02 February 2006 21:51
To: geek_brigades@yahoo.com; focus-ids@securityfocus.com
Subject: RE: IPS Reliability/Availability


I know from the short time I worked for a Juniper reseller, the Juniper IPS
has a separate box [very small] that does like a HA link to the IPS, so if
the IPS fails, the traffic routed straight throught the network with no IPS

Chris Serafin
IT Security / VoIP Engineer
chris@chrisserafin.com

-----Original Message-----
From: geek_brigades@yahoo.com [mailto:geek_brigades@yahoo.com] 
Sent: Thursday, February 02, 2006 10:27 AM
To: focus-ids@securityfocus.com
Subject: IPS Reliability/Availability

I am working on a big IPS project and I am very concerned about installing
an inline device in a core enterprise network, where these devices have the
potential to create big time network outages. 

Can you, please, share your possible bad experiences about the reliability
of the following inline IPS products:

ISS
TippingPoint
Juniper IPS
Sourcefire
McAfee IntruShield

Have you had any issues with the availability of these devices, such as fail
close crashes or do you have any experience with bypass switches that would
mitigate the availability issue?

Thanks,
Mike

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------




------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------



.
----------------------------------------------------------------------------------------------------------------------

Halifax plc, Registered in England No. 2367076.  Registered Office: Trinity 
Road, Halifax, West Yorkshire HX1 2RG.  Authorised and regulated by the 
Financial Services Authority.
==============================================================================


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Real world experience with HIDS, Paul Schmehl
Next by Date:  Writing signatures for e-mail virus attachments, c_sek_har
Previous by Thread:  Re: IPS Reliability/Availability, Richard Bejtlich
Next by Thread:  RE: IPS Reliability/Availability, Andrew Plato
Indexes:  [Date] [Thread] [Top] [All Lists]