I have heard Dragon can do 150-200Mb's.
----- Original Message -----
From: "Aaron Schultz" <[EMAIL PROTECTED]>
To: "Firewalls LIST" <[EMAIL PROTECTED]>
Sent: Thursday, August 03, 2000 3:11 PM
Subject: RE: Intrusion Detection
> I've found no product that can do network-based detection for 100+Mb
> environments. Currently we've decided on host-based IDS as our answer.
> Both ISS and Axent's products can do similar management of multiple hosts
> similar to network-based products including the ability to watch single
> port-scans across multiple hosts, etc. ISS and Axent are also
> multi-platform.
>
> - Aaron Schultz
> - [EMAIL PROTECTED]
> ------
>
> On Thu, 3 Aug 2000, Johnson, Carl wrote:
>
> > Bandwidth is an issue for me. I'm told by Cisco that
> > NetRanger (or Intrusion Detection System as it is called
> > now) also cannot monitor more than 100mbs.
> >
> > Does anything know of an IDS system that can go over 100mbs?
> > Perhaps with a gig interface? That is, if adequate monitoring
> > is even possible with today's hardware at those speeds!
> >
> > Thanks!
> > Carl
> >
> > > -----Original Message-----
> > > From: Aaron Schultz [mailto:[EMAIL PROTECTED]]
> > > Sent: Thursday, August 03, 2000 10:54 AM
> > > To: Firewalls LIST
> > > Subject: Re: Intrusion Detection
> > >
> > >
> > > I wouldn't promote NFR...
> > >
> > > They can't monitor much bandwidth...(ie: 100+Mbit)
> > > When I asked about monitoring any amount of bandwidth they sent me to
> > > voicemail and I wasn't called back until the sales associate
> > > decided it
> > > was time to check to see if I had received answers to my various
> > > questions. Furthermore, they claim the only way to monitor a decent
> > > amount of bandwidth is to put multiple NFR devices behind a
> > > foundry (or
> > > similar) switch, although they don't have true answers on how
> > > the machines
> > > coordinate their data when used seperately like this.
> > >
> > > NFR also lists only DESKTOP devices (ie: Compaq PCs) on their
> > > literature,
> > > not 1 piece of hardware listed was a decent server platform.
> > >
> > > I never made it to their evaluation of their product - I find their
> > > pre-sales support to be less than adequate. Currently the
> > > best answers
> > > for IDS (IMO) are:
> > > - Internet Security System's products
> > > - Axent's (now Norton's) product line
> > > (both have Windows agents)
> > >
> > > - Aaron Schultz
> > > - [EMAIL PROTECTED]
> > > ------
> > >
> > > On Thu, 3 Aug 2000, Fabio Pietrosanti wrote:
> > >
> > > > -----BEGIN PGP SIGNED MESSAGE-----
> > > > Hash: SHA1
> > > >
> > > > Network Flight Recorder, run only on Unix, but it's the
> > > BEST and the most
> > > > difficult to tune in my opinion. It use his N-Code for creating the
> > > > Backend filter.
> > > > look here http://www.nfr.net
> > > >
> > > > Pietrosanti Fabio I.NET SpA, High Quality Access
> > > to the Internet
> > > > e-mail: [EMAIL PROTECTED] ( Direzione Tecnica,
> > > Gruppo Firewall )
> > > > [EMAIL PROTECTED]
> > > > PGP Key (DSS)
> > http://naif.itapac.net/naif.asc
> > >
> > > Home Page URL: http://www.inet.it
> > > Sede: Via Caldera, 21 20153 Milano
> > > Tel: 02-409061 Fax: 02-40906303
> > > --
> > > Free advertising: www.openbsd.org - Multiplatform Ultra-secure OS
> > >
> > >
> > > On Thu, 3 Aug 2000, Rob Serfozo wrote:
> > >
> > > > We are investigating the installation of Intrusion Detection
software.
> > > > Wondering if the list had any opinions good or bad towards any
product.
> > We
> > > > are hoping to be able to run on a Windows platform. We are
currently
> > using
> > > > a PIX firewall.
> > > >
> > > > Thanks,
> > > > Rob Serfozo
> > > >
> > > > -
> > > > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > > > "unsubscribe firewalls" in the body of the message.]
> > > >
> > > >
> > > -----BEGIN PGP SIGNATURE-----
> > > Version: GnuPG v1.0.1 (GNU/Linux)
> > > Comment: For info see http://www.gnupg.org
> > > Filter: gpg4pine 4.1 (http://azzie.robotics.net)
> > >
> > > iD8DBQE5iZc8dK5I1NnlcMYRArVIAJwLOjB3xWV8dJL8HcC2GN7JnvWBBwCgnN2v
> > > f/8+3RNhPbhLeFLQ7/hRqzY=
> > > =eoJG
> > > -----END PGP SIGNATURE-----
> > >
> > > -
> > > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > > "unsubscribe firewalls" in the body of the message.]
> > >
> >
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> >
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
