On Mar 17, 2010, at 2:56 AM, Guillaume FORTAINE wrote: > What about Argus ? [1]
Argus is OK, but I believe that it mainly relies upon packet capture - it does now support NetFlow v5, and v9 support as well as support for Juniper flow telemetry and others is supposed to be coming. I've personally not played with Argus and NetFlow; nfdump/nfsen is a useful open-source NetFlow collection/analysis system. > https://www.dpacket.org/ This is Web forum focused on discussions regarding DPI, which is orthogonal to IDMS. > Me and my partners are working on a Flow Based Security Awareness > Framework for High-Speed Networks. > > http://docs.google.com/viewer?url=http://www.vabo.cz/spi/2009/presentations/03/02-celeda_rehak_CAMNEP_no_video.pdf > > For a demo : > > http://demo.cognitivesecurity.cz/ It's always good to see folks motivated to work on solutions they believe will benefit the community at large. ----------------------------------------------------------------------- Roland Dobbins <rdobb...@arbor.net> // <http://www.arbornetworks.com> Injustice is relatively easy to bear; what stings is justice. -- H.L. Mencken
