[Snort-users] SNORT and VLans
Jason.Haar at ...294...
Thu Feb 26 17:28:47 EST 2004
On Thu, Feb 26, 2004 at 05:05:22PM -0600, Martin Jr., D. Michael wrote:
> What you are describing is exactly the way we are configured. We
> monitor all traffic (internal and external) on all 80+ vlans using one
> Snort box. Luckily, our network topology has everything coming back to
> one single core switch (Catalyst 4006) so we just setup monitoring of
> all ports back to a single port for the Snort IDS. The syntax of our
> commands are as follows:
80+ VLANS to *one* snort box?!?!?
Can you please impress me with a description of the hardware involved? You
mention Gig-E so that can't be a standard PCI-bus...
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
More information about the Snort-users