North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: recommendations regarding IPS

  • From: Hegger, Stefan
  • Date: Fri Mar 31 09:18:40 2006


On Fri, 2006-03-31 at 08:50 -0500, Robert E.Seastrom wrote:
> "Hegger, Stefan" <[email protected]> writes:
> > hope not bothering you but I'm looking for some experiences with IPS
> > systems. There are several vendors but is there a recommandation or some
> > tests? As Service provider we need a system which handles the scanning
> > in hardware and it should work as a layer2 bridge (no IP).
> what speed, what problem are you trying to solve, and what do you mean
> by "in hardware"?  no fpgas?  :)

We have a 2 Gbps connection with about about 200kpps in- and outgoing
traffic, and I don't want to pipe the traffic through software, fpgas
are ok.
Our problems are DDoS and we want to have a stateful packet inspection.
The system should not be "static" there should be something like anomaly
detection. It should report if there is "strange" traffic. And of course
the normal stuff as Intrusion detection (worms, botnets etc.)


Stefan Hegger
Lycos Europe GmbH
Carl-Bertelsmann Str. 21
Postfach 315
33311 Guetersloh

email:[email protected]
Tel: +49 5241 80 71334
FAX:+49 5241 80671334
Mob:+49 170 1892720

Attachment: signature.asc
Description: This is a digitally signed message part