I'm interested in integrating IDS/IPS into CloudStack, but didn't find any effective solution. If you want to use a traditional NIDS, you cannot know what the VMs say to each other, because this is a virtual network. Otherwise, if you use HIDS on the VMs, then I don't think it is suitable. This even affects performance. Another way is to use IDS/IPS on the Virtual Router. It's OK, but you know that the Virtual Router now has to take on too many functions. How about IDS/IPS on the hypervisors? What do you think?
---
Nguyen Anh Tu
Cloud Computing Core Dept.
Viettel R&D Institute, Vietnam