Hi On Fri, 2006-03-31 at 08:50 -0500, Robert E.Seastrom wrote:
"Hegger, Stefan" <Stefan.Hegger@lycos-europe.com> writes:
hope not bothering you but I'm looking for some experiences with IPS systems. There are several vendors but is there a recommandation or some tests? As Service provider we need a system which handles the scanning in hardware and it should work as a layer2 bridge (no IP).
what speed, what problem are you trying to solve, and what do you mean by "in hardware"? no fpgas? :)
We have a 2 Gbps connection with about about 200kpps in- and outgoing traffic, and I don't want to pipe the traffic through software, fpgas are ok. Our problems are DDoS and we want to have a stateful packet inspection. The system should not be "static" there should be something like anomaly detection. It should report if there is "strange" traffic. And of course the normal stuff as Intrusion detection (worms, botnets etc.) Stefan -- Stefan Hegger Lycos Europe GmbH Carl-Bertelsmann Str. 21 Postfach 315 33311 Guetersloh email:Stefan.Hegger@lycos-europe.com Tel: +49 5241 80 71334 FAX:+49 5241 80671334 Mob:+49 170 1892720