[Snort-users] SNORT and VLans

Jason Haar Jason.Haar at ...294...
Thu Feb 26 17:28:47 EST 2004


On Thu, Feb 26, 2004 at 05:05:22PM -0600, Martin Jr., D. Michael wrote:
> What you are describing is exactly the way we are configured.  We
> monitor all traffic (internal and external) on all 80+ vlans using one
> Snort box.  Luckily, our network topology has everything coming back to
> one single core switch (Catalyst 4006) so we just setup monitoring of
> all ports back to a single port for the Snort IDS.  The syntax of our
> commands are as follows:

80+ VLANS to *one* snort box?!?!?

Can you please impress me with a description of the hardware involved? You
mention Gig-E so that can't be a standard PCI-bus...


-- 
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1




More information about the Snort-users mailing list