RE: [Snort-users] Cisco IDS

Joe,

Yeah I am talking about the IDSM-2 Module.

Only $20k??  No way!  It is way more than that, at
least it is here in Japan.  Last time I got a quote on
it, the price was well into the $60Ks.

I agree with Using Gig Snort instead, better yet,
Sourcefire.  

This is not a commercial plug but just, it is easy to
use and customers can understand it.  And it is so
much prettier than ACID or Aanval.  

Yeah, pretty sells here in Japan.

Theo



--- Joe Patterson <jpatterson@asgardgroup.com> wrote:

> > -----Original Message-----
> > [mailto:snort-users-admin@lists.sourceforge.net]On
> Behalf Of Theodore
> > Stout
> > Sent: Monday, January 17, 2005 10:13 AM
> > To: John Hally;
> 'snort-users@lists.sourceforge.net'
> > Subject: Re: [Snort-users] Cisco IDS
> ...
> > Following this, I have to say that Cisco IDS is
> good
> > in conjunction with the 65XX class of switches. 
> If
> > you need like +5Gig of throughput, this is a nice
> > solution.
>
> Note, however, that the IDS component of this, the
> IDSM-2 (I'm assuming this
> is what you are referring to) doesn't exactly have
> multi-gigabit inspection
> capability.  From
http://www.cisco.com/en/US/products/hw/modules/ps2706/products_data_sheet091
> 86a00801e55dd.html:
> "600 megabits per second (Mbps) of IDS inspection
> provides high-speed
> packet-examination capabilities and allows for more
> protection of a wider
> variety of networks and traffic"
>
> It sounds to me like you'd actually get better
> performance by taking a
> gigabit IDS and plugging it into a SPAN port.
>
> That, and it's also a $20K box.
>
> Which is, of course, one of the reasons that I
> prefer snort.  :)
>
> -Joe
-------------------------------------------------------
> The SF.Net email is sponsored by: Beat the
> post-holiday blues
> Get a FREE limited edition SourceForge.net t-shirt
> from ThinkGeek.
> It's fun and FREE -- well,
> almost....http://www.thinkgeek.com/sfshirt
> _______________________________________________
> Snort-users mailing list
> Snort-users@lists.sourceforge.net
> Go to this URL to change user options or
> unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
>



                
__________________________________ 
Do you Yahoo!? 
Yahoo! Mail - 250MB free storage. Do more. Manage less. 
http://info.mail.yahoo.com/mail_250


-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users