Actually, I'm seeing other vendors, SourceFire being one of the ones in the eval list below, who have not gone the ASIC route, but have gone with a kind of RISC architecture to get speed. Their pitch is that they get the performance of the ASIC vendors by using multiple RISC chips (I think the base model that does a gig inline has 6 RISC processors) to handle the load (plus an extra processor to handle the management end of things... so 7 all together). They are claiming performance of an ASIC but the flexibility of software. Not sure how valid that claim is.
Question 1 : I'm wondering if anybody has tested these or stacked them up next to the ASIC brands to test perfomance, and if so, can they provide some feedback. Question 2: Does anybody have a list of which vendors are using ASICs for performance and which are using this RISC type architecture for performance? Question 3: Not so much a question, but a general request; I'd be interested in a "pro vs con" for each if anybody gets their hands on them. -d On 2/6/06, Andrew Plato <[EMAIL PROTECTED]> wrote: > Most of these devices are pretty good for reliability. The only > exception I would make is SourceFire, which back when we sold it had > abysmal reliability (3 out of 4 boxes we sold to a customer show up dead > or died soon after installation). > > TippingPoint sells a zero-power bypass add-on for their IPS. If the IPS > fails in anyway, traffic is passed through the zero-power device. Its > very easy to add. Juniper does something similar. > > ----------------------------------------------- > Andrew Plato, CISSP, CISM > President/Principal Consultant > Anitian Enterprise Security > > ----------------------------------------------- > > > > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: Thursday, February 02, 2006 8:27 AM > To: [email protected] > Subject: IPS Reliability/Availability > > I am working on a big IPS project and I am very concerned about > installing an inline device in a core enterprise network, where these > devices have the potential to create big time network outages. > > Can you, please, share your possible bad experiences about the > reliability of the following inline IPS products: > > ISS > TippingPoint > Juniper IPS > Sourcefire > McAfee IntruShield > > Have you had any issues with the availability of these devices, such as > fail close crashes or do you have any experience with bypass switches > that would mitigate the availability issue? > > Thanks, > Mike > > ------------------------------------------------------------------------ > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it with real-world attacks from > CORE IMPACT. > Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 > to learn more. > ------------------------------------------------------------------------ > _________________________________________________ > NOTICE: > This email may contain confidential information, > and is for the sole use of the intended recipient. > If you are not the intended recipient, please reply > to the message and inform the sender of the error > and delete the email and any attachments from > your computer. > _________________________________________________ > > ------------------------------------------------------------------------ > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it > with real-world attacks from CORE IMPACT. > Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 > to learn more. > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
