[Snort-users] Snort with IPSec
frank at ...9761...
Tue Nov 4 22:22:23 EST 2003
On Tue, 2003-11-04 at 13:02, Josh Berry wrote:
> I understand the overhead and difficulty. I just want to know if it is
> technically feasible. The reason I am asking is that one of the directors
> where I work is considering implementing site wide IPSec encryption for
> every connection on the internal network. This will make internal attacks
> impossible to see, therefore I cannot just sit the IDS behind the VPN
> because essentially the whole network will be one big VPN.
What is the reason/business case behind this? Do the benefits you gain
really outweigh the drawbacks?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 187 bytes
Desc: This is a digitally signed message part
More information about the Snort-users