RE: IPS Reliability/Availability

Marty

Correct me if I am wrong, but that is on the bivio box correct?
Interestingly our tests on this platform were well below the advertised
rates. Are you planning any 3rd party testing of it?

alan

 
StillSecure
Alan Shimel
Chief Strategy Officer

O 303.381.3815
C 516.857.7409
F 303.381.3881
email ashimel_at_stillsecure.com
blog http://ashimmy.typepad.com

www.stillsecure.com
The information transmitted is intended only for the person
to whom it is addressed and may contain confidential material.
Review or other use of this information by persons other than
the intended recipient is prohibited. If you've received
this in error, please contact the sender and delete
from any computer.

-----Original Message-----
From: Martin Roesch [mailto:roesch_at_sourcefire.com]
Sent: Thursday, February 16, 2006 1:31 PM
To: David Williams
Cc: geek_brigades_at_yahoo.com; focus-ids_at_securityfocus.com
Subject: Re: IPS Reliability/Availability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi David,

You're referring to our IS 5800 chassis. The 5800 is a carrier grade
platform that uses a multiple PowerPC CPUs as the application
processors. It also uses a network processor for traffic management,
load balancing, and several other capabilities as well as another PPC
for systems management. The system is fully fault tolerant, you can
hot swap power supplies, network interface modules (NIMs), fan trays,
hard drives and even processor boards without requiring a restart of
the system. The NIMs also offer power-off fail-open capability.
Furthermore, the chassis is extensible, it's got a backplane
connector so you can attach another chassis to it and distribute the
applications and traffic across up to 8 more application CPUs (yep,
14 CPUs of Snorting fury) so you've got some pretty significant
investment protection as well because you don't need to get out your
forklift to go to the "next step up platform" to get more
performance, you just add computing power as needed and we can run
all of our network-facing applications on it.

We have configurations that offer 2 or 6 CPUs for our applications
right now and you can run intrusion detection, prevention or RNA in
any combination you like on the device at the same time on it. For
example, you could have one chassis with 4 ports doing IPS, 2 ports
doing IDS and 2 running RNA.

Performance is very good as well, multi-gig processing is available
even in the 2 CPU configuration but obviously I don't have any third
party testing to point to so you can take that for what it's worth.

      -Marty

- --
Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
Sourcefire - Security for the Real World - http://www.sourcefire.com
Snort: Open Source Network IDS - http://www.snort.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)

iD8DBQFD9MTvqj0FAQQ3KOARAuKtAJ9zokhur/6W+ASEAaJVRbg/fqeFJACfRoAX
F7rAUA+dmmx1RFnPWj8PR0c=
=eVYv
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
Received on Feb 21 2006