But as anyways know this not the right approach in very large
enterprises. This does not scale if you need X for a 10mbps, what would
you need to capture packets at Giga speeds. ??
/mark
At 12:49 PM 9/6/00 -0500, Steve Smith wrote:
>I concur. In the ISS class I was in the machine is key. Kickin box with lots
>of RAM. You don't have to have a server, just something that will not get
>bogged at crunch time.
>
>regards,
>
>
>-----Original Message-----
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
>Sent: Wednesday, September 06, 2000 12:14 PM
>To: Sadler, Connie J; Mark, Johnston; [EMAIL PROTECTED]
>Subject: RE: Real Secure Intrusion Detection
>
>
>Are you sure about this:
>
>
>According to ISS Real Secure 5.0 Getting Started Guide, it states the
>following:
>
>
>Setting up a system for a network sensor requires an understanding of
>several key variables:
>
>CPU type and speed
>RAM
>Sensor policy
>- signatures activated
>- responses activated
>Packets per second on network
>Packets that match active signatures
>
>
>
>Table 1 on page 3 describes system requirements that should work on lightly
>loaded networks (less than 30 MBps) for the variables listed above. For
>more heavily loaded networks (30-60 MBps), it is strongly
>recommended that you set up as powerful a system as you can.
>
>RAM
>In a heavily loaded network, RAM is vital. The network sensor is
>multi-threaded, so multiple processors will improve performance for a
>single engine. The performance impact on Solaris is greater than on
>Windows NT.
>
>Note:No matter how you set up your system, there may be some
>environments in which the RealSecure network sensor cannot process
>the network traffic. If this happens, reconfigure the network sensor to
>reduce the number of active signatures or responses.
>
>
>/mark
>At 10:09 AM 9/6/00 -0400, Sadler, Connie J wrote:
>
> >We completed an extensive eval including RealSecure. It is the best for
> >large pipes, as far as we are concerned - handles large volumes of traffic
> >well, and in fact, scales better than anything else we tested.
> >
> >Connie
> >
> >-----Original Message-----
> >From: Mark, Johnston [mailto:[EMAIL PROTECTED]]
> >Sent: Wednesday, September 06, 2000 6:09 AM
> >To: [EMAIL PROTECTED]
> >Subject: Real Secure Intrusion Detection
> >
> >
> >Hi,
> >
> >Does anyone have a site with RealSecure Intrusion detection ?
> >I've just gone to a demo .... and well the product didn't look half bad,
>but
> >I'm looking for some first hand experiences.
> >
> >Thanks
> >Mark
> >-
> >[To unsubscribe, send mail to [EMAIL PROTECTED] with
> >"unsubscribe firewalls" in the body of the message.]
> >-
> >[To unsubscribe, send mail to [EMAIL PROTECTED] with
> >"unsubscribe firewalls" in the body of the message.]
>
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
