recommendations regarding IPS

Hegger, Stefan Stefan.Hegger at lycos-europe.com
Fri Mar 31 14:16:29 UTC 2006


Hi 

On Fri, 2006-03-31 at 08:50 -0500, Robert E.Seastrom wrote:
> "Hegger, Stefan" <Stefan.Hegger at lycos-europe.com> writes:
> 
> > hope not bothering you but I'm looking for some experiences with IPS
> > systems. There are several vendors but is there a recommandation or some
> > tests? As Service provider we need a system which handles the scanning
> > in hardware and it should work as a layer2 bridge (no IP).
> 
> what speed, what problem are you trying to solve, and what do you mean
> by "in hardware"?  no fpgas?  :)

We have a 2 Gbps connection with about about 200kpps in- and outgoing
traffic, and I don't want to pipe the traffic through software, fpgas
are ok.
Our problems are DDoS and we want to have a stateful packet inspection.
The system should not be "static" there should be something like anomaly
detection. It should report if there is "strange" traffic. And of course
the normal stuff as Intrusion detection (worms, botnets etc.)

Stefan  

-- 
Stefan Hegger
Lycos Europe GmbH
Carl-Bertelsmann Str. 21
Postfach 315
33311 Guetersloh

email:Stefan.Hegger at lycos-europe.com
Tel: +49 5241 80 71334
FAX:+49 5241 80671334
Mob:+49 170 1892720
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20060331/b94c64c3/attachment.sig>


More information about the NANOG mailing list