SecurityFocus

10Gbps IPS - what you need to know Jan 22 2009 04:00AM
rmoy nsslabs com (1 replies)

Re: 10Gbps IPS - what you need to know Feb 19 2009 03:04PM
Ravi Chunduru (ravi is chunduru gmail com) (2 replies)

Re: 10Gbps IPS - what you need to know Feb 20 2009 02:25AM
John Jasen (jjasen realityfailure org) (1 replies)

Re: 10Gbps IPS - what you need to know Feb 27 2009 04:57PM
Ravi Chunduru (ravi is chunduru gmail com)

RE: 10Gbps IPS - what you need to know Feb 19 2009 08:57PM
Addepalli Srini-B22160 (saddepalli freescale com) (1 replies)

RE: 10Gbps IPS - what you need to know Feb 21 2009 02:08AM
C-Info (c-info blaisnet com) (1 replies)

Re: 10Gbps IPS - what you need to know Feb 23 2009 05:16PM
Trygve Aasheim (trygve pogostick net) (1 replies)

Re: 10Gbps IPS - what you need to know Feb 27 2009 04:56PM
Ravi Chunduru (ravi is chunduru gmail com) (1 replies)

Re: 10Gbps IPS - what you need to know Feb 27 2009 05:18PM
Trygve Aasheim (trygve pogostick net) (1 replies)

Re: 10Gbps IPS - what you need to know Mar 01 2009 12:15AM
Ravi Chunduru (ravi is chunduru gmail com) (1 replies)

Re: 10Gbps IPS - what you need to know Mar 05 2009 05:47AM
Ravi Chunduru (ravi is chunduru gmail com) (4 replies)

RE: 10Gbps IPS - what you need to know Mar 06 2009 07:20PM
Vikram Phatak (vphatak nsslabs com)

RE: 10Gbps IPS - what you need to know Mar 05 2009 09:29PM
Addepalli Srini-B22160 (saddepalli freescale com)

Re: 10Gbps IPS - what you need to know Mar 05 2009 05:18PM
Jeremy Bennett (jeremyfb mac com) (1 replies)

Re: 10Gbps IPS - what you need to know Mar 05 2009 06:12PM
Ravi Chunduru (ravi is chunduru gmail com)

Re: 10Gbps IPS - what you need to know Mar 05 2009 05:17PM
Joel M Snyder (Joel Snyder Opus1 COM)

> Silence is enforcing the points made in earlier email that IPS devices
> skip Intrusion analysis upon very small load on the system. I was
> hoping that somebody is going to speak out and prove otherwise.

Actually, this is a 'new' feature for many IPses. For example, Sourcefire
didn't have it as recently as a year ago (although they do now in a particularly
elegant manner).

The Juniper SRX 5800 IPS we just tested last week did NOT pass packets through
un-inspected at high loads, and I don't believe that the SRX even has that
capability. If the IPS is loaded, the whole system slows down.
http://www.networkworld.com/reviews/2009/022309-juniper-firewall-test.ht
ml

I am not totally sure, but I suspect that the IPS-1 (Check Point/NFR) that I
tested last year is the same: when it's burdened, packets slow down, not pass
through.

jms

--
Joel M Snyder, 1404 East Lind Road, Tucson, AZ, 85719
Senior Partner, Opus One Phone: +1 520 324 0494
jms (at) Opus1 (dot) COM [email concealed] http://www.opus1.com/jms

[ reply ]