IDS mailing list archives
Help for placing IDS sensors
From: star.gemini () gmail com
Date: 21 Apr 2007 05:23:37 -0000
Hi,
We are in the process of implementing a project involving a huge network comprising of thousands computers and users (1
computer :1.5 users). The network is spread across 600 locations. We wish to implement ADS on Win2003 servers.
In a switched environment, as we all know NIDSs have problems. There are around 40 links directly to HO. Each location
has its own LAN. Each location has sublocations with LANs who authenticate to those higher in hierarchy.
How do we implement IDS sensors 20 (gigabit + 10/100) in count, so that we can monitor all the traffic at lowest
possible level of network, with minimal number of sensors. How can we introduce sensors so that they function as
perfect as Inline
To give you and idea
ISP1 ISP2
\ /
HO(Core ROUTER) + DC
/ \
DC DC
/ \
Router + LAN(A). Router +LAN B----40
/ \
Router + LAN(A1) Router + LanB1
/ \
Router + LAN(AA1) Router + LAN
/ \
Subloc2 Subloc3 |
/ \
Users Users, computers............
Digvijay
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
Current thread:
- Help for placing IDS sensors star . gemini (Apr 23)
- RE: Help for placing IDS sensors Bob Buel (Apr 23)
- Re: Help for placing IDS sensors Eric Hacker (Apr 24)