[unisog] mirage counterpoint

Mark Brochu mbrochu at hartford.edu
Fri Jun 17 14:56:27 GMT 2005


Greetings all,

Recently we took a look at Mirage Network's Counterpoint appliance.  It 
is a linux based appliance that looks for traffic "anomalies" by 
listening on different vlans.  It does this by listening to ethernet 
(arp) activity as well as other higher layer activity.  It uses a 
behavior based as opposed to a signature based approach to detect 
malicous traffic.  I am wondering if anyone here has had experience with 
it or could mention any other appliance that uses a similar detection 
mechanism.  Thanks much!

Mark Brochu
Network Analyst
University of Hartford



More information about the unisog mailing list