Intrusion Detection Systems mailing list archives

RE: RE: IDS taps in a switched network (The right tools for the job)


From: tschroed () acm org (Trevor Schroeder)
Date: Sun, 31 Oct 1999 21:19:09 -0600 (CST)



On Sun, 31 Oct 1999, Ron Gula wrote:

- As far as building IDS right into the switch, I'm all for it, but I think
  it is a radical departure for switch manufacturers. Consider Cisco's 
  attempts to put IDS onto a router card. I have not used this product, but
  the word is that it detects <50 attacks.

I'm not so sure that it's such a radical departure.  Switch mfgrs and
consumers are starting to find that the best place to put some stuff is
right in the switch.

Take a look at layer 4-7 switches.  The concept is not all that different
from in-switch IDS and the performance can be quite good.  Of course, you
pay a premium for a switch with that much smarts...
..........................................................................
: "I knew it was going to cost me my head and also my swivel chair, but  :
: I thought: What the hell--better men than I have risked their heads    :
: and their swivel chairs for truth and justice." -- James P. Cannon     :
:........... http://www.zweknu.org/ for PGP key and more ................:


