[Snort-users] GIG IDS
scheidell at ...5171...
Tue Sep 12 08:30:06 EDT 2006
you may need a commercial system to keep up, or at least one box per
If you have a lot of 'small' < 64 byte packets, you might forget the
(run ntop on a sniffer link for a week and see)
The backplane on most 'pizza bozes' is 3.2Gbs max., and two
bidirectional 1GB pipes would be, well, more than the available
From: snort-users-bounces at lists.sourceforge.net
[mailto:snort-users-bounces at lists.sourceforge.net] On Behalf Of Marc
Sent: Tuesday, September 12, 2006 8:24 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] GIG IDS
I'm looking for any insight into successful gigabyte Snort
deployments. My network is huge multi-gigabyte environment. Most of
the connections to my firewalls are gig. My Intenet connections are
mostly dual OC-12s.
I'm thinking about using a high end Linux with say Red Hat 4 or
FreeBSD with at least 4 GB RAM with a Dual Core Intel CPU.
Any advice is very welcome.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users