On Mar 4, 2013, at 8:17 AM, Nguyen Anh Tu <ng.t...@gmail.com> wrote:
> Thanks Sebastien !!! Great idea with setting up one more SystemVM, but I > don't know how to do this. Please show me if you don't mind :D > Mice Xia may be able to comment better than I can: http://www.slideshare.net/mice_xia/integration-3rd-party-security-solution > 2013/3/4 Sebastien Goasguen <run...@gmail.com> > >> >> On Mar 3, 2013, at 4:05 AM, Nguyen Anh Tu <ng.t...@gmail.com> wrote: >> >>> I'm interesting in integrate IDS/IPS to CloudStack, but didn't find any >>> effective solution. If you want to use the traditional NIDS, you'll can >> not >>> know what do VMs talk each other because this is virtual network. >>> Otherwise, if you use HIDS on VMs then I don't think it is suitable. This >>> even affects to performance. Another way is that you use IDS/IPS on >> Virtual >>> Router. It's OK but you know that Virtual Router now has to take too many >>> functions. How about IDS/IPS on Hypervisors? How you think? >> >> You could put an IDS/IPS on each hypervisors but I don't think that will >> fall under the control of cloudstack as it would be a baremetal config. >> If the virtual route is not "strong" enough you could potentially have >> another "system VMs" that only contains the IDS/IPS. >> >>> >>> --- >>> >>> Nguyen Anh Tu >>> >>> Cloud Computing Core Dept. >>> >>> Viettel R&D Institute, Vietnam >> >> > > > -- > > N.g.U.y.e.N.A.n.H.t.U
