On Tue, Nov 05, 2002 at 08:32:51AM -0000, Proxy Administrator wrote:
>
>
> Aiguo Fei wrote :
> >
> >>so you wouldn't miss any attack that it *could* detect.
> >
> >This is NOT true. If the IDS system doesn't have enough
> >processing >power or doesn't have a good enough performance,
> >under certain load >it may fail to process(analyze) the packet to
> >catch the attack (of >course it has to let it pass through to
> >fullfill the inlining >requirement).
>
> Hmmm... is this true for any other system out there which is
> placed inline? I thought this issue would be handled the same way
> a firewall would handle it.
I've gotta agree with Proxy Admin here... failing open is NOT acceptable.
The solution to the performance issue is either a more powerful device or
some means to do load balancing.
--
Aaron Turner <aturner at pobox.com|synfin.net> http://synfin.net/aturner
They that can give up essential liberty to obtain a little temporary safety
deserve neither liberty nor safety. -- Benjamin Franklin
pub 1024D/F86EDAE6 Sig: 3167 CCD6 6081 0FFC B749 9A8F 8707 9817 F86E DAE6
All emails by me are PGP signed; a lack of a signature indicates a forgery.
- application/pgp-signature attachment: stored
Received on Nov 11 2002
Intro
