I have worked with both ISS and IntruShield, both of which set to inline mode. When a device fails, you see about 1-3 pings drop and everything is back to normal.
-----Original Message----- From: Chris Serafin [mailto:[EMAIL PROTECTED] Sent: Thursday, February 02, 2006 3:51 PM To: [EMAIL PROTECTED]; [email protected] Subject: RE: IPS Reliability/Availability I know from the short time I worked for a Juniper reseller, the Juniper IPS has a separate box [very small] that does like a HA link to the IPS, so if the IPS fails, the traffic routed straight throught the network with no IPS Chris Serafin IT Security / VoIP Engineer [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, February 02, 2006 10:27 AM To: [email protected] Subject: IPS Reliability/Availability I am working on a big IPS project and I am very concerned about installing an inline device in a core enterprise network, where these devices have the potential to create big time network outages. Can you, please, share your possible bad experiences about the reliability of the following inline IPS products: ISS TippingPoint Juniper IPS Sourcefire McAfee IntruShield Have you had any issues with the availability of these devices, such as fail close crashes or do you have any experience with bypass switches that would mitigate the availability issue? Thanks, Mike ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------ ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------ The preceding email message may be confidential or protected by the attorney-client privilege. It is not intended for transmission to, or receipt by, any unauthorized persons. If you have received this message in error, please (i) do not read it, (ii) reply to the sender that you received the message in error, and (iii) erase or destroy the message. Legal advice contained in the preceding message is solely for the benefit of the Foley & Lardner LLP client(s) represented by the Firm in the particular matter that is the subject of this message, and may not be relied upon by any other party. Internal Revenue Service regulations require that certain types of written advice include a disclaimer. To the extent the preceding message contains advice relating to a Federal tax issue, unless expressly stated otherwise the advice is not intended or written to be used, and it cannot be used by the recipient or any other taxpayer, for the purpose of avoiding Federal tax penalties, and was not written to support the promotion or marketing of any transaction or matter discussed herein. ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
