[Snort-users] Snort with IPSec

Frank Knobbe frank at ...9761...
Tue Nov 4 22:22:23 EST 2003

On Tue, 2003-11-04 at 13:02, Josh Berry wrote:
> I understand the overhead and difficulty.  I just want to know if it is
> technically feasible.  The reason I am asking is that one of the directors
> where I work is considering implementing site wide IPSec encryption for
> every connection on the internal network.  This will make internal attacks
> impossible to see, therefore I cannot just sit the IDS behind the VPN
> because essentially the whole network will be one big VPN.

What is the reason/business case behind this? Do the benefits you gain
really outweigh the drawbacks? 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: This is a digitally signed message part
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20031104/389dc3c6/attachment.sig>

More information about the Snort-users mailing list