[Intrusions] 10 Gb and IPv6

Shomiron Das Gupta shomiron at gmail.com
Mon Apr 18 13:55:30 GMT 2005 

Dear Mark,

Yes there are network capable IDS/IPS/NAPS that are capable of
handling traffic well into gigabits. However the important thing you
should notice is not the number of signatures but the architecture
that is used in these systems. As most linear systems will fail the
test when it comes to high volume scanning.

Hope this answers your question sufficiently.

Regards,
Shomiron

Founder,
NetMonastery

On 4/11/05, Mark Newman <mnx at utk.edu> wrote:
> Does anyone have any information on 10 Gb IDS/IPS that actually works?
> 
> I've read that Snort will support up to 8 Gb but, this has to be
> appliance based.
> 
> I recently sat in on a presentation by a company named MetaNetworks that
> will be selling a 10 Gb card (a beta version will be available in a
> couple of weeks). The card will have up to 604 'embedded' Snort
> signatures (none of which it seems are content based) that are
> configurable via a toolkit. My feeling is that their product is not
> ready for prime time. I saw problems, for one thing, with the way
> fragmentation is handled with this early rendition of their product.
> 
> It seems there is a scramble to get something marketable that will
> support 10 Gb. Has anyone come across anything that looks better than
> promising? Many of the companies I've talked with are targeting the
> later half of FY06 for 10 Gb support. What kinds of problems does anyone
> forsee, besides the obvious, with 10 Gb support?
> 
> Has anyone seen anything in the way of a mature IDS/IPS that will
> accommodate IPv6? Snort has ~some~ capabilities. Where are the
> IDSes/IPSes with complete support for IPv6 (i.e. excluding those that
> just recognize IPv6 traffic) ?
> 
> Mark Newman
> CISSP 67152, GCIA 729
> Information Security Office - Technical Lead
> University of Tennessee - Knoxville
> 
> _______________________________________________
> Intrusions mailing list
> Intrusions at lists.sans.org
> http://www.dshield.org/mailman/listinfo/intrusions
> 


-- 
-- -- --
He who lives dangerously......
ROCKS THE WORLD!!
-- -- --

More information about the Intrusions mailing list