[prev in list] [next in list] [prev in thread] [next in thread] 

List:       dragonidsuser
Subject:    Re: [Dragonidsuser] Deploying Dragon IDS on virtualized
From:       carlopmart <carlopmart () gmail ! com>
Date:       2008-07-18 14:10:02
Message-ID: 4880A43A.8020508 () gmail ! com
[Download RAW message or body]

carlopmart wrote:
> Hi all,
> 
>  I need to setup a virtualization test lab (to pass to a production 
> environment on future) with some NIDS deployed on it (dragon and snort). 
> Snort NIDS will be installed inline mode, but dragon only in nids mode.
> 
>  In first phase of this deploy I will use VMWare Server for this test 
> lab, but for production I will use ESX 3.5 U1.
> 
>  But my questions are dragon related:
> 
>  - Can I sniff all traffic that I need to control using vmware virtual 
> switches?? or do I need to do some special configuration on nids hosts 
> or virtual switches??
> 
>  - What about false positives?? Can I expect a "real situation" more or 
> less like when physical machines are used??
> 
>  - Any tips or tricks that I need to know??
> 
>  And last question: how long trial period assign dragon licenses??
> 
>  Many thanks to all.
> 

please, any hints??

-- 
CL Martinez
carlopmart {at} gmail {d0t} com
_______________________________________________
Dragonidsuser mailing list
Dragonidsuser@enterasys.com
[prev in list] [next in list] [prev in thread] [next in thread]