IDS mailing list archives
Re: IDS and Bandwidth
From: Mark Teicher <mht3 () earthlink net>
Date: Tue, 05 Jul 2005 20:02:43 -0400
Do you mean the type of unknown traffic that cannot be identified is consuming your bandwith. Most in-line IDS products do not consume bandwidth, in other words, whne you place an inline IDS within a particular network, you may introduce some latency when an IP packet is being analyzed and then if the packet is forwarded or dropped. If there is a complaint from your network team, you may want to invest some time in troubleshooting the type of traffic that is being observed on the various nodes of your network before pointing fingers at each other. NFR used to have a nice flowchart diagram that illustrated Network Intrusion Detection process..
/m At 11:46 PM 7/4/2005, bhaskar.gupta () tcs com wrote:
Dear frendzI am working as an IDS operator in my company. Due to big size of the organisation, different IDS nodes are monitoring different centers through a central master node. Since there are lot of incidents ( including false positives ) generated across the organsation, there is a complaint from our networking team that IDS is consuming lot of bandwidth over networkingI am really not able to figure out how much IDS can eat up network bandwidth. Please throw some light on this. cheers, Bhaskar -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
-------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly?Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
--------------------------------------------------------------------------
Current thread:
- IDS and Bandwidth bhaskar . gupta (Jul 04)
- Re: IDS and Bandwidth Tony Rall (Jul 05)
- Re: IDS and Bandwidth Fergus Brooks (Jul 05)
- Re: IDS and Bandwidth Michael Boman (Jul 05)
- Re: IDS and Bandwidth David W. Goodrum (Jul 05)
- Re: IDS and Bandwidth Mayank Bhatnagar (Jul 05)
- Re: IDS and Bandwidth Mark Teicher (Jul 05)
- <Possible follow-ups>
- RE: IDS and Bandwidth PPowenski (Jul 05)
- RE: IDS and Bandwidth MailTest (Jul 12)
- RE: IDS and Bandwidth THolman (Jul 13)
- RE: IDS and Bandwidth Nathan Davidson (Jul 15)
- RE: IDS and Bandwidth Michael Allgeier (Jul 17)
- Re: IDS and Bandwidth Tony Rall (Jul 05)