cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nguyen Anh Tu <ng.t...@gmail.com>
Subject Re: About intergrating IDS/IPS to CloudStack
Date Mon, 04 Mar 2013 14:43:36 GMT
Great!!! That's exactly what I'm looking for. Many thank, Sebastien :-)

2013/3/4 Sebastien Goasguen <runseb@gmail.com>

>
> On Mar 4, 2013, at 8:17 AM, Nguyen Anh Tu <ng.tuna@gmail.com> wrote:
>
> > Thanks Sebastien !!! Great idea with setting up one more SystemVM, but I
> > don't know how to do this. Please show me if you don't mind :D
> >
>
> Mice Xia may be able to comment better than I can:
> http://www.slideshare.net/mice_xia/integration-3rd-party-security-solution
>
>
>
> > 2013/3/4 Sebastien Goasguen <runseb@gmail.com>
> >
> >>
> >> On Mar 3, 2013, at 4:05 AM, Nguyen Anh Tu <ng.tuna@gmail.com> wrote:
> >>
> >>> I'm interesting in integrate IDS/IPS to CloudStack, but didn't find any
> >>> effective solution. If you want to use the traditional NIDS, you'll can
> >> not
> >>> know what do VMs talk each other because this is virtual network.
> >>> Otherwise, if you use HIDS on VMs then I don't think it is suitable.
> This
> >>> even affects to performance. Another way is that you use IDS/IPS on
> >> Virtual
> >>> Router. It's OK but you know that Virtual Router now has to take too
> many
> >>> functions. How about IDS/IPS on Hypervisors? How you think?
> >>
> >> You could put an IDS/IPS on each hypervisors but I don't think that will
> >> fall under the control of cloudstack as it would be a baremetal config.
> >> If the virtual route is not "strong" enough you could potentially have
> >> another "system VMs" that only contains the IDS/IPS.
> >>
> >>>
> >>> ---
> >>>
> >>> Nguyen Anh Tu
> >>>
> >>> Cloud Computing Core Dept.
> >>>
> >>> Viettel R&D Institute, Vietnam
> >>
> >>
> >
> >
> > --
> >
> > N.g.U.y.e.N.A.n.H.t.U
>
>


-- 

N.g.U.y.e.N.A.n.H.t.U

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message