I understand signature based detection and prevention works fine in Multi processor solutions. Does anybody have any experience on traffic anomaly based intrusion detection and rate control? I wonder how effective this would be as different connections belonging to a policy may end up in different CPUs. Surya
__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
