Hello. I just recently worked on an IPS project and here are some of the info based on that work. This is kind of a round about answer to your question. I am aware of about 30 major IPS (or IDS claiming to have IPS functionality). For the most part all are PC based. The few major players that are ASIC/FPGA that I remember off the top of my head are: McAfee, TippingPoint, Radware...
Question 1: In my opinion, the % is about 75% CPU based and 25% Asic/FPGA based. However this is trending toward the ASIC/FPGA to address the throughput requirement. Question 2: I am not sure if I understand this fully. Firewall for the most part works around layer 3/4 (dealing with IP address and ports) whereas IPS works at the higher layer (dealing with vulnerabilities such as web traffic that is already allowed through firewall). There are some grey area where IPS can do some firewall (basic filtering) and firewall can perform deep packet inspection (basic worm/virus detection) but I see them as complementary security devices. IPS state: IPS is different from a standpoint that it needs to be inline and not passive like IDS so adoption at business is not as brisk. However there are certain workaround to mitigate those risks. In my opinion I think IPS will dominate because it can actively stop those fast moving worms like nimda, sql slammer, zotob which could render a large enterprise's newtork in minutes or at the very least give you some breathing room while you leisurely patch your servers. Good luck. --- snort user <[EMAIL PROTECTED]> wrote: > Greetings. > > What percentage of the IPS systems are out there, > which does not use > co-processors/FPGA etc.. > > What percentage of the IPS systems depend on > firewalls like iptables > and ip filter ? > > I am just trying to get an idea of what is the state > of art in the IPS > technology space. > > Any information is appreciated. > > Thanks > > ------------------------------------------------------------------------ > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it > with real-world attacks from CORE IMPACT. > Go to > http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 > to learn more. > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
