cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sebastien Goasguen <>
Subject Re: About intergrating IDS/IPS to CloudStack
Date Mon, 04 Mar 2013 09:53:47 GMT

On Mar 3, 2013, at 4:05 AM, Nguyen Anh Tu <> wrote:

> I'm interesting in integrate IDS/IPS to CloudStack, but didn't find any
> effective solution. If you want to use the traditional NIDS, you'll can not
> know what do VMs talk each other because this is virtual network.
> Otherwise, if you use HIDS on VMs then I don't think it is suitable. This
> even affects to performance. Another way is that you use IDS/IPS on Virtual
> Router. It's OK but you know that Virtual Router now has to take too many
> functions. How about IDS/IPS on Hypervisors? How you think?

You could put an IDS/IPS on each hypervisors but I don't think that will fall under the control
of cloudstack as it would be a baremetal config.
If the virtual route is not "strong" enough you could potentially have another "system VMs"
that only contains the IDS/IPS.

> ---
> Nguyen Anh Tu
> Cloud Computing Core Dept.
> Viettel R&D Institute, Vietnam

View raw message