NIDS on Multiple Internet Gateway?
Hi,
We just have plan to put NIDS on our border router connected to the global Internet.
All of the border router acting as our Internet gateway for our backbone network. With this configuration we may facing trouble because of asymteric traffic that may pass along the multiple gateway router, which is located in many different places.
Anybody have experience with this kind of IDS implementation ?
Or is it common NIDS implementation on protecting service provider network ?
Any comment please....
thx
phuntos
Re: NIDS on Multiple Internet Gateway?
Quote:
Originally posted here by phuntos
Hi,
We just have plan to put NIDS on our border router connected to the global Internet.
All of the border router acting as our Internet gateway for our backbone network. With this configuration we may facing trouble because of asymteric traffic that may pass along the multiple gateway router, which is located in many different places.
Anybody have experience with this kind of IDS implementation ?
Or is it common NIDS implementation on protecting service provider network ?
Any comment please....
thx
phuntos
hi phuntos,
how far away in meters is "many different places" ?
And at what speed are your border-gateway running ? I assume they are using ethernet, don't they ? I am not aware about a IDS running over POS STMxx or something like that!
If the speed and more interesting the saturation of the lines is moderate 100mbit and you can connect the locations maybe via Fiber-Optic to a central point, than i have a snort/linux configuration handling your and of course our asymetric problem.
cu
