On Jun 10, 2009, at 9:32 PM, Maxwell Reid wrote:
you really only need specialized ASIC's as part of the forwarding
plane of high end routers.
When you're talking about DDoS, that's what's needed; general-purpose
CPUs on boxes running many different VM/OS/app stacks, or things like
ASAs d
On Jun 9, 2009, at 5:00 PM, Roland Dobbins wrote:
On Jun 10, 2009, at 6:41 AM, Maxwell Reid wrote:
It's using them in combination with vShield Zones at the ESX level
(new feature of v4) that yields the best results.
It's also important to note that all of this runs in software, and
is
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
On Jun 10, 2009, at 6:41 AM, Maxwell Reid wrote:
It's using them in combination with vShield Zones at the ESX level
(new feature of v4) that yields the best results.
It's also important to note that all of this runs in software, and is
thus subject to the performance limitations thereof.
The ACL"s on the vswitch/nexus are only part of the security
equation. It's using them in combination with vShield Zones at the
ESX level (new feature of v4) that yields the best results.
~Max
On Jun 9, 2009, at 7:39 AM, Gert Doering wrote:
Hi,
On Tue, Jun 09, 2009 at 12:12:32PM +0
Hi,
On Tue, Jun 09, 2009 at 12:12:32PM +0100, Sam Stickland wrote:
> I notice that in all the Cisco marketing material it talks repeatedly
> about how the guest's security profile will migrate with the VM.
> However, as far as I can tell NX-OS only offers non-stateful ACLs and no
> inspection s
On Jun 9, 2009, at 6:12 PM, Sam Stickland wrote:
only offers non-stateful ACLs and no inspection so I'm not sure
it's really that useful?
Stateful inspection in front of front-end servers is generally not
only useless, but counterproductive, as it greatly increases
susceptibility to DDo
All,
I had some feedback from people that have tried it in the lab, but not
in production yet.
I notice that in all the Cisco marketing material it talks repeatedly
about how the guest's security profile will migrate with the VM.
However, as far as I can tell NX-OS only offers non-stateful A
Hi,
On Mon, Jun 01, 2009 at 04:27:54PM +0100, Sam Stickland wrote:
> Has anyone here deployed the Nexus V1000? I'm interested in feedback
> (good, back or indifferent).
We haven't deployed it yet, but what I was demonstrated at Networkers
in Barcelona was definitely Way Cool. "The Cisco way" to
Hi,
Has anyone here deployed the Nexus V1000? I'm interested in feedback
(good, back or indifferent).
Thanks,
Sam
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.
13 matches
Mail list logo