Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: IPS Reliability/Availability

from [Martin Roesch] Network Security [Permanent Link]
Subject: Re: IPS Reliability/Availability
Date: Thu, 16 Feb 2006 13:31:10 -0500 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi David,

You're referring to our IS 5800 chassis. The 5800 is a carrier grade platform that uses a multiple PowerPC CPUs as the application processors. It also uses a network processor for traffic management, load balancing, and several other capabilities as well as another PPC for systems management. The system is fully fault tolerant, you can hot swap power supplies, network interface modules (NIMs), fan trays, hard drives and even processor boards without requiring a restart of the system. The NIMs also offer power-off fail-open capability. Furthermore, the chassis is extensible, it's got a backplane connector so you can attach another chassis to it and distribute the applications and traffic across up to 8 more application CPUs (yep, 14 CPUs of Snorting fury) so you've got some pretty significant investment protection as well because you don't need to get out your forklift to go to the "next step up platform" to get more performance, you just add computing power as needed and we can run all of our network-facing applications on it.

We have configurations that offer 2 or 6 CPUs for our applications right now and you can run intrusion detection, prevention or RNA in any combination you like on the device at the same time on it. For example, you could have one chassis with 4 ports doing IPS, 2 ports doing IDS and 2 running RNA.

Performance is very good as well, multi-gig processing is available even in the 2 CPU configuration but obviously I don't have any third party testing to point to so you can take that for what it's worth.

     -Marty

- --
Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
Sourcefire - Security for the Real World - http://www.sourcefire.com
Snort: Open Source Network IDS - http://www.snort.org




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)

iD8DBQFD9MTvqj0FAQQ3KOARAuKtAJ9zokhur/6W+ASEAaJVRbg/fqeFJACfRoAX
F7rAUA+dmmx1RFnPWj8PR0c=
=eVYv
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
------------------------------------------------------------------------

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: IPS Reliability/Availability, Mike Barkett
Next by Date:  Re: Testing IDS with tcpreplay, Richard Bejtlich
Previous by Thread:  Re: IPS Reliability/Availability, Bob Walder
Next by Thread:  RE: IPS Reliability/Availability, Alan Shimel
Indexes:  [Date] [Thread] [Top] [All Lists]