[ previous ] [ next ] [ threads ]
 From:  sai <sonicsai at gmail dot com>
 To:  Sean Waite <swaite at sbn dash services dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] IDS
 Date:  Thu, 26 Jan 2006 18:20:32 +0500
On 1/26/06, Sean Waite <swaite at sbn dash services dot com> wrote:
<snip>> At the very least it is one less box to have to muck with.
> Sean Waite

[1] This is a major fallacy. You have to look after the IDS whether
its on the firewall box or on its own.
[2] An IDS should be connected to lots of different places on your
network and needs to have a massive CPU and hard disk.
A firewall needs a low end cpu and no hard disk. It is connected to one place.
Totally different machines. Totally different purpose.

Just because the customer wants it does not mean you should give it to
them. As professionals you should educate them about the correct way
of doing things.
yes, I know all-in-one IDS-anti-spam-anti-virus-VPN-kitchen-sink sells
, and is easy to sell but it is WRONG.