Hi,
We are in the process of implementing a project involving a huge network
comprising thousands of computers and users (1 computer : 1.5 users). The
network is spread across 600 locations. We wish to implement ADS on Win2003
servers.
In a switched environment, as we all know, NIDSs have problems. There are around
40 links directly to HO. Each location has its own LAN. Each location has
sublocations with LANs that authenticate to those higher in the hierarchy.
How do we implement IDS sensors, 20 (gigabit + 10/100) in count, so that we can
monitor all the traffic at the lowest possible level of the network, with a minimal
number of sensors? How can we introduce sensors so that they function as
perfectly as inline?
To give you an idea:

              ISP1        ISP2
                  \      /
               HO(Core ROUTER)
                    + DC
                  /      \
                DC        DC
               /            \
    Router + LAN(A).      Router +LAN B----40
             /                \
    Router + LAN(A1)      Router + LanB1
           /                    \
    Router + LAN(AA1)     Router + LAN
         /                        \
      Subloc2                   Subloc3 |
       /                            \
     Users                      Users, computers............

Digvijay