TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ----------------------------------------------------------------------------
Y You can set up sensors to report to more than one management backend. You can set up your network to abstract the transport so that your management back-end always looks the same to the sensors, and vice versa. Tunneling/VPN'ing, for instance, with endpoints at the common (non-ISP specific) points will achieve this. -----Original Message----- From: Chan Kien Eng [mailto:[EMAIL PROTECTED]] Sent: 29 July 2002 10:31 To: [EMAIL PROTECTED] Subject: Failover of IDS console TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ---------------------------------------------------------------------------- Hi all, Lets say I have the configuration like this. Company A has 3 branches and each branch has 1 Network sensor and 1 server sensor. All the branches' IDSs are connected to the RS Consoel which situated at the HQ. The branch connect to HQ through internet. Thus, IDS management are done thru the HQ using the internet line. The internet line from the HQ to internet is not reliable and always down. Thus, the IDS can't send the event to the console. So, company A plan to get another ISP for the failover. The question is, can this idea work? Coz the IDS reporting to the console based on the Console IP address. So, if the first ISP is down, switching to 2nd ISP would not provide failover because the IP address assigned by two ISP is difference. Any idea guyz? Thanks ******************************************* Chan Kien Eng Security Consultant Evolution Security Solutions Sdn. Bhd. 15.09 Signature Office The Boulevard, Mid Valley City 59200 Kuala Lumpur. Email: [EMAIL PROTECTED] Tel: 603-22879939 Ext 110 Fax: 603-22879929 "Make it works, make it better" ********************************************
