IDP Host Based



  • IDP at present is inline or passive sniffer only, I am wondering whether the Netscreen Team have it on their roadmap to make a software based (Host Sensor).

    I have been speaking with companies to want Host/Network based reporting to the same management unit. (this will look for incorrect logins to the PDC as admin etc.)

    also if I want to implement IDP in high end 10Gig networks for example, I cannot run this unit inline and therefore have to run passive sniffer a(monitor only) and use something like Toplayer to load share the IDP boxes using L7 or round robin.

    I hope the Netscreen roadmap includes Host Based IDS and the 2 Gig IDP 2000


  • Engineer

    From what I heard, the roadmap not include host based IDS at this time.



  • I know NetScreen is working hard to integrate the IDP technology into an ASIC-Appliance. This is the only way they will be able to attain gigabit speeds. I don’t have any idea as to the timeframe, however.

    As for host-based IDS/P, well, they’d probably need to buy another company. 😉



  • Talking about that how is ISS doing these days against the likes of Dragon etc.

    I wonder whether someone can help me on the management side of IDP. Using a Total of 8 IDP 500’s scattered around the network… should I implement a seperate management system on a standalone Linux or Solaris box, or manage them all from one of the IDP stations with the management installed locally? (sorry for the silly question, just trying to get my head around it) :?



  • Management Server is not supported/recommended on the IDP-500, so the obvious choice would then be “Put it on it’s own server”. Now which platform - Solaris or Linux - is somewhat of a personal choice.

    I personally think Sol Sux, and therefore would use Linux, but some people prefer a UNIX solution that still does things the same way they did UNIX 30+ years ago.

    I really dig this new IDP thing!



  • Do any one know whether Juniper IDP supports host based solutions?.



  • Wow… 2002 called and wants their thread back!

    Sadly, no.  Juniper never made the transition to true HIPS.  The closest thing they have is the SSL VPN client checker.


 

18
Online

38.4k
Users

12.7k
Topics

44.5k
Posts