| |||||
| |||||
Search Irongeek.com: ![]() ![]()
Help Irongeek.com pay for bandwidth and research equipment: |
Daniel Lohin & Ed Sealing This presentation will look at the viability of virtualizing and containerizing network security monitoring devices such as IDS/IPS systems, full packet capture, netflow, etc. There are a number of challenges in a virtual environment with managing system load. We have been looking at how to best virtualize open-source network monitoring solutions in both large and small environments and will detail some of the information we have learned during this adventure. We will detail a project on a single inexpensive host providing network monitoring and event collection built entirely on Open Source software. Finally, we will discuss and demo high-speed (10G+) virtualized monitoring solutions with newer technologies such as SR-IOV and DPDK-enabled OpenVSwitch. Ed Sealing and Daniel Lohin both work at Sealing Technologies. Their focus is primarily security engineering and figuring out how to securely build enterprise scale systems in a manner that is functional and secure.Daniel Lohin holds a Masters from George Mason University and also teaches part time at a local community college.
15 most recent posts on Irongeek.com:
|
If you would like to republish one of the articles from this site on your
webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast