Re: IPS Reliability/Availability

I know its not on the list but I would give the Cisco ASA appliances a
look, I'm not going to give you a sales pitch but here's a link :
http://www.cisco.com/en/US/products/ps6120/prod_brochure0900aecd80402ef4.html

- SaP -

On 2/22/06, Bob Walder <bwalder@spamcop.net> wrote:
> We have several IPS vendors submitting Multi-Gig IPS products on the Bivio
> platform this year - results will be available in our multi-Gigabit IPS
> report in the summer.
>
> Results from testing 1Gbps products on this platform will be available in
> the next few weeks
>
> Having done some very "quick and dirty" tests of the Bivio box on its own, I
> can confirm that the performance is pretty impressive, and the
> architecture/scalability looks good.
>
> Will be very interesting to see how the "software plus RISC" stacks up to
> the "ASIC/FPGA" solutions over time in terms of both performance and cost -
> should be an interesting report! :o)
>
> Bob Walder
> The NSS Group
>
>
> On 20/2/06 01:40, "Alan Shimel" <ashimel@stillsecure.com> wrote:
>
> > Marty
> >
> > Correct me if I am wrong, but that is on the bivio box correct?
> > Interestingly our tests on this platform were well below the advertised
> > rates.  Are you planning any 3rd party testing of it?
> >
> > alan
> >
> >
> > StillSecure
> > Alan Shimel
> > Chief Strategy Officer
> >
> > O 303.381.3815
> > C 516.857.7409
> > F 303.381.3881
> > email ashimel@stillsecure.com
> > blog http://ashimmy.typepad.com
> >
> > www.stillsecure.com
> > The information transmitted is intended only for the person
> > to whom it is addressed and may contain confidential material.
> > Review or other use of this information by persons other than
> > the intended recipient is prohibited. If you've received
> > this in error, please contact the sender and delete
> > from any computer.
> >
> > -----Original Message-----
> > From: Martin Roesch [mailto:roesch@sourcefire.com]
> > Sent: Thursday, February 16, 2006 1:31 PM
> > To: David Williams
> > Cc: geek_brigades@yahoo.com; focus-ids@securityfocus.com
> > Subject: Re: IPS Reliability/Availability
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Hi David,
> >
> > You're referring to our IS 5800 chassis.  The 5800 is a carrier grade
> > platform that uses a multiple PowerPC CPUs as the application
> > processors.  It also uses a network processor for traffic management,
> > load balancing, and several other capabilities as well as another PPC
> > for systems management.  The system is fully fault tolerant, you can
> > hot swap power supplies, network interface modules (NIMs), fan trays,
> > hard drives and even processor boards without requiring a restart of
> > the system.  The NIMs also offer power-off fail-open capability.
> > Furthermore, the chassis is extensible, it's got a backplane
> > connector so you can attach another chassis to it and distribute the
> > applications and traffic across up to 8 more application CPUs (yep,
> > 14 CPUs of Snorting fury) so you've got some pretty significant
> > investment protection as well because you don't need to get out your
> > forklift to go to the "next step up platform" to get more
> > performance, you just add computing power as needed and we can run
> > all of our network-facing applications on it.
> >
> > We have configurations that offer 2 or 6 CPUs for our applications
> > right now and you can run intrusion detection, prevention or RNA in
> > any combination you like on the device at the same time on it.  For
> > example, you could have one chassis with 4 ports doing IPS, 2 ports
> > doing IDS and 2 running RNA.
> >
> > Performance is very good as well, multi-gig processing is available
> > even in the 2 CPU configuration but obviously I don't have any third
> > party testing to point to so you can take that for what it's worth.
> >
> >       -Marty
> >
> > - --
> > Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
> > Sourcefire - Security for the Real World - http://www.sourcefire.com
> > Snort: Open Source Network IDS - http://www.snort.org
> >
> >
> >
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.1 (Darwin)
> >
> > iD8DBQFD9MTvqj0FAQQ3KOARAuKtAJ9zokhur/6W+ASEAaJVRbg/fqeFJACfRoAX
> > F7rAUA+dmmx1RFnPWj8PR0c=
> > =eVYv
> > -----END PGP SIGNATURE-----
> >
> > ------------------------------------------------------------------------
> > Test Your IDS
> >
> > Is your IDS deployed correctly?
> > Find out quickly and easily by testing it
> > with real-world attacks from CORE IMPACT.
> > Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
> > to learn more.
> > ------------------------------------------------------------------------
> >
> >
> > ------------------------------------------------------------------------
> > Test Your IDS
> >
> > Is your IDS deployed correctly?
> > Find out quickly and easily by testing it
> > with real-world attacks from CORE IMPACT.
> > Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
> > to learn more.
> > ------------------------------------------------------------------------
>
>
>
> ------------------------------------------------------------------------
> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it
> with real-world attacks from CORE IMPACT.
> Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
> to learn more.
> ------------------------------------------------------------------------

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------