| Publisher | Washington University in St. Louis | ||
|---|---|---|---|
| Format | 132.8KB PDF | Date added | 19 Aug 2005 |
| Topics | TCP - IP, Web Filtering, Intrusion Detection Systems | ||
| Downloads | 67 | ||
Intrusion rule processing in reconfigurable hardware enables intrusion detection and prevention services to run at multi Gigabit/second rates. High-level intrusion rules mapped directly into hardware separate malicious content from benign content in network traffic. Hardware parallelism allows intrusion systems to scale to support fast network links, such as OC-192 and 10 Gbps Ethernet. In this paper, a Snort Intrusion Filter for TCP (SIFT) is presented that operates as a preprocessor to prevent benign traffic from being inspected by an intrusion monitor running Snort. Snort is a popular open-source rule-processing intrusion system. SIFT selectively forwards IP packets that contain questionable headers or defined signatures to a PC where complete rule processing is performed.
Did you find this white paper useful?
16 out of 35 users found this white paper useful
Related white papers
Building Reliable IP Telephony Systems
Reliability is the most critical aspect of a business phone system. IP telephony systems will deliver differing service levels because their architecture is fundamentally different. Ironically, optimal architecture and design...
Cash In Your PBX -- Upgrade with Cisco. Gain significant new savings now
PBX systems and old telephony applications were just not built for today's business needs. They don't scale easily, struggle to support mobility, and are increasingly expensive to maintain. Now you...
IOS Tips and Tricks
There are a number of things you can do with Cisco's IOS to make your life easier. This white paper presents some ways that IOS commands can help streamline your...
Dell-Customized Mobility Solutions
The marketplace is overflowing with a multitude of mobility options for businesses of all types and sizes. From notebooks, netbooks, and handheld computers to WiFi, smartphones, and mobile broadband, there...
Decoupling Congestion Control From TCP for Multi-Hop Wireless Networks: Semi-TCP
TCP performs poorly in multihop wireless networks and even worse if end-to-end connectivity is often broken such as in challenged networks. Lots of research has been carried out but this...
Interactive Guide: Enterprise Mobility
Getting Started With Enterprise Mobility: A Guide to Sybase's Enterprise Mobility Platform. With the broadest portfolio of industry-leading products, an innovative mobility platform that provides a foundation for future growth,...
Webcast & Video: Special Report on MEAP featuring research from Gartner
Complimentary Webcast: Taking a Strategic Approach to Enterprise Mobility. Whether you're just getting started with mobility or have already rolled out multiple applications, taking a strategic approach to mobility is...
