RE: [nsp] Catalyst 6000 IDS experience?

From: Stephen Gill (gillsr@yahoo.com)
Date: Wed Mar 27 2002 - 19:21:10 EST


I would advise against rating a product solely based on whether it will
intercept traffic. IDSes are much better served when passive anyways
unless active session blocking is a major requirement.

Other factors to take into consideration are performance, traffic
signatures (of which I believe there are few on the Cisco platform),
false positives, functionality, etc...

-- steve

-----Original Message-----
From: Edward S. Desouza [mailto:edward_desouza@yahoo.com]
Sent: Tuesday, March 26, 2002 10:56 PM
To: rkuhljr@uol.com.br; 'matthew zeier'; cisco-nsp@puck.nether.net
Subject: RE: [nsp] Catalyst 6000 IDS experience?

The catalyst 600 IDSM only supports detection of
attacks. The blade has no support for ressetting a TCP
session. Simple advise : Go for the netranger boxes.

Rgds,
Edward

--- "Rubens Kuhl Jr." <rkuhljr@uol.com.br> wrote:
>
> No hands-on experience on this card, but I will
> share some conclusions
> I've come to while deciding not to go with this
> module.
>
> Its strength compared to IDS-on-a-box (either Cisco,
> Enterasys,
> Nokia+ISS, BSD+Snort, whatever) is the multiple VLAN
> attach capability;
> the traffic redirection capabilities of Cat 6K,
> which are very good
> indeed, can be explored with both the IDS module or
> with separate boxes.
>
>
> If you have many VLANs, the aggregate traffic of all
> VLANs fits into the
> IDS-module capability (slitghly above 100 Mbps),
> you are not running or
> intending to run Supervisor IOS, and not using or
> thinking on using
> switch fabric, it might be a good choice.
>
>
>
> Rubens Kuhl Jr.
>
>
>
> -----Original Message-----
> From: matthew zeier [mailto:mrz@intelenet.net]
> Sent: Tuesday, March 26, 2002 2:36 PM
> To: cisco-nsp@puck.nether.net
> Subject: [nsp] Catalyst 6000 IDS experience?
>
>
>
> Anyone have working experience with Cisco's Catalyst
> 6000 IDS module?
> Is it worth the $15k list price?
>
> - mz
>
> --
> matthew zeier - "In mathematics you don't understand
> things. You just
> get used to them." - Johann von Neumann
>

=====
Edward S. Desouza
23/24 Manali 5,
Evershine Nagar,
Malad (W),
Bombay 400064.
Tel :9122-8886362

__________________________________________________
Do You Yahoo!?
Yahoo! Movies - coverage of the 74th Academy AwardsR
http://movies.yahoo.com/



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:38 EDT