RE: MPLS IDS question

["Gary Halleen" <ghalleen () cisco com>]

Pierre,

I'm not sure what the capabilities are with other IDS/IPS products, but I
wanted to let you know that Cisco IPS 5.0 supports inspection of traffic
encapsulated within MPLS.  This should greatly simplify your IDS/IPS
deployment.

Gary
 

-----Original Message-----
From: Pierre A. Cadieux [mailto:hobbit () theshire com] 
Sent: Monday, April 04, 2005 6:50 PM
To: focus-ids () securityfocus com
Subject: MPLS IDS question

Hello List,

I was wondering if anyone has yet had the pleasure of rolling out an IDS to
an MPLS environment?

At this point it looks as if MPLS is one of the networking directions being
used within my work environment, and I was hoping that someone has already
tackled or at least identified any issues that should be considered when
planning IDS deployment to monitor MPLS.

I am not an MPLS expert, so just getting started with understanding what it
is and does/does not provide as far as complexity.

Any insight is appreciated.

->Pierre A. Cadieux CISSP


--------------------------------------------------------------------------
Stop hurting your network!
 
The NeVO passive vulnerability sensor continuously finds vulnerabilities,
applications and new hosts without the need for network scanning. 
It also finds compromised systems with application-based intrusion
detection. 
Go to http://www.tenablesecurity.com/products/nevo.shtml to learn more.
--------------------------------------------------------------------------

--------------------------------------------------------------------------
Stop hurting your network!
 
The NeVO passive vulnerability sensor continuously finds vulnerabilities, 
applications and new hosts without the need for network scanning. 
It also finds compromised systems with application-based intrusion detection. 
Go to http://www.tenablesecurity.com/products/nevo.shtml to learn more.
--------------------------------------------------------------------------