[Snort-users] IDS Placement ideas for inside and outside a firewall.

Drew Stockman Drew.Stockman at ...8272...
Wed Apr 2 13:01:19 EST 2003

We have a "dirty" hub in between the routers and firewalls.  Lets us have the IDS and if we ever need to sniff traffic for troubleshooting purposes just plug into the hub.

Drew Stockman 
Security Analyst 

-----Original Message-----
From: Brei, Matt [mailto:mbrei at ...8727...]
Sent: Wednesday, April 02, 2003 1:43 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] IDS Placement ideas for inside and outside a firewall.

Hi everyone.  I am trying to convince my company to implement IDS on our network but I have a few questions.  I know I would want one on both sides of the firewall, but on a switched network, how would I force traffic to go through Snort before it reached its destination?  Also, the way its set up now, the Cisco 1751 router goes right into the Cisco PIX 501 firewall and from there into a switch.  How would I place an IDS between the firewall and switch?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20030402/7321183b/attachment.html>

More information about the Snort-users mailing list