[Snort-users] IDS Placement ideas for inside and outside a firewall.
Drew.Stockman at ...8272...
Wed Apr 2 13:01:19 EST 2003
We have a "dirty" hub in between the routers and firewalls. Lets us have the IDS and if we ever need to sniff traffic for troubleshooting purposes just plug into the hub.
From: Brei, Matt [mailto:mbrei at ...8727...]
Sent: Wednesday, April 02, 2003 1:43 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] IDS Placement ideas for inside and outside a firewall.
Hi everyone. I am trying to convince my company to implement IDS on our network but I have a few questions. I know I would want one on both sides of the firewall, but on a switched network, how would I force traffic to go through Snort before it reached its destination? Also, the way its set up now, the Cisco 1751 router goes right into the Cisco PIX 501 firewall and from there into a switch. How would I place an IDS between the firewall and switch?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users