Yes, we have. However, you will run into the following issues
1. You will use the Switches SPAN capability to IDS, the network guys may disconnect you to do switch debugging with sniffers 2. Congestion and packet loss on the SPAN port. You may have to consider a Gigabit SPAN port and a Gigabit IDS sensor. We solved it by using ethernet taps on every main Switch interface and drawing traffic down to a dedicated smaller switch, which is connected to the IDS sensor. Good luck. >>> "Aubin,Yves" <[EMAIL PROTECTED]> Wednesday 27, October, 2004 16:43:46 >>> Hi list, We are currently looking at a solution that involves putting our firewalls in cluster with 2 cisco switches, one for each firewall in the cluster to create some load balancing at the same time. We want to put the switches on a spanning tree and connect the RealSecure Network Sensor on only 1 of those switches. Has anybody ever attempted something like this, is this feasable and if so is there any issues with the sensor!!! Thanks _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo/issforum To contact the ISSForum Moderator, send email to [EMAIL PROTECTED] The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328. Disclaimer This e-mail message shall not be construed as legally binding on the Bank for International Settlements (BIS). As internet communications are not secure, the BIS does not accept responsibility for the content of this message. This message is intended only for the recipient(s) named above. Any unauthorized disclosure, use or dissemination, either in whole or in part, of this message is prohibited. If you have received this message in error, please inform the sender immediately by return e-mail and delete this message and any attachments thereto from your system. Thank you for your co-operation. _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo/issforum To contact the ISSForum Moderator, send email to [EMAIL PROTECTED] The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.
