IDS mailing list archives
RE: IDS\IPS that can handle one Gig
From: "Andrew Plato" <andrew.plato () anitian com>
Date: Fri, 10 Jun 2005 09:29:13 -0700
I have an extremely hard time accepting that this was a fair or real test. I've thrown "gigs of traffic" at a TippingPoint and there was no dying at all. I've seen them under intense ddos attacks - no problem. I have numerous customers with "gigs of traffic" running through TP, never have a problem with performance. We sell Top Layer. I sold a fair number of them in 2004. They're okay IPSs. Good performance and excellent at ddos. But, they have ample weaknesses. You pointed out some (their business/support side is abysmal.) We moved over to TippingPoint to replace TopLayer, because TP did more and has outstanding performance. Also - TippingPoint is ASIC based and can do rate limiting. In fact, Top Layer and Tipping Point have VERY similar architectures. Their engines are different, but their basic hardware really isn't that dissimilar. ___________________________________ Andrew Plato, CISSP President/Principal Consultant ANITIAN ENTERPRISE SECURITY 3800 SW Cedar Hills Blvd, Suite 280 Beaverton, OR 97005 503-644-5656 Office 503-214-8069 Fax 503-201-0821 Mobile www.anitian.com ___________________________________ -----Original Message----- From: Edward Sohn [mailto:edwardsohn () sbcglobal net]
I have actually tested the Top Layer boxes against a signature-based solution like Tipping Point and Mazu Networks. In short, the Tipping Point box died because it couldn't handle the gigs of traffic we threw at it--exactly what Tim is describing below. The Mazu box worked similarly.
-------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
Current thread:
- Re: IDS\IPS that can handle one Gig, (continued)
- Re: IDS\IPS that can handle one Gig Mike Frantzen (Jun 06)
- Re: IDS\IPS that can handle one Gig Nick Black (Jun 07)
- Re: IDS\IPS that can handle one Gig Mike Frantzen (Jun 06)
- Re: IDS\IPS that can handle one Gig Ed Gibbs (Jun 06)
- IPS test criteria (was IDS\IPS that can handle one Gig) Bob Walder (Jun 07)
- RE: IDS\IPS that can handle one Gig Gary Halleen (Jun 06)
- RE: IDS\IPS that can handle one Gig Hovis, Chris (Jun 07)
- RE: IDS\IPS that can handle one Gig THolman (Jun 07)
- RE: IDS\IPS that can handle one Gig Edward Sohn (Jun 08)
- RE: IDS\IPS that can handle one Gig Barrett G . Lyon (Jun 08)
- RE: IDS\IPS that can handle one Gig Palmer, Paul (ISSAtlanta) (Jun 08)
- RE: IDS\IPS that can handle one Gig Andrew Plato (Jun 10)
- Re: RE: IDS\IPS that can handle one Gig ian . bamford (Jun 10)