Hi Juan,
I've tested DIR in laboratory and it really works well. We had aDragon IDS
detecting attacks and, when integrated with NetSight Atlas,applying
restrictions to the attacker's switch port.
Cisco does have a similar solution (I believe it's called RBAC) but itdepends
on having servers specifically for this solution and, as faras I know, it is
not as complete as Enterasys.
I'd love to hear from people who've used Cisco's solution.
See ya,Bernardo.
On 1/8/06, Juan B <juanbabi@yahoo.com> wrote:> Hi,>> I tought to implement
Enterasys DIR (dynamic> intrustion response ) on my corporate lan ,this new>
thecnology had a Firewall on each swithch port. one> can configure a defailt
policy for the entire switch> and with one click enable it on all ports, with>
Netsight Atlas and authntication of users with a> backend Ldap server or Active
directory I can> configure policy of traffic for each userin the> company this
is a Fw for layers 2-4.> I tried to look for similer thechnologies at other>
vendors like cisco and they dont have anything. is it> possible with cisco to
configure ACL's on LAN switchs?> like in the old 2900 familiy?> and if yes, I
dont thing it is managemble....>>> So what so you think about the DIR? I guess
the other> vendors are way behind or am I wrong.>> Thnaks !>>>>>
__________________________________________> Yahoo! DSL – Something to write
home about.> Just $16.99/mo. or less.> dsl.yahoo.com>>>
--------------------------------------------------------------------------->
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE> The Norwich
University program offers unparalleled Infosec management> education and the
case study affords you unmatched consulting experience.> Tailor your education
to your own professional goals with degree> customizations including Emergency
Management, Business Continuity Planning,> Computer Emergency Response Teams,
and Digital Investigations.>> http://www.msia.norwich.edu/secfocus>
---------------------------------------------------------------------------->>
