[Oisf-users] Out of band 10Gb Suricata

Cooper F. Nelson cnelson at ucsd.edu
Wed Oct 14 18:43:38 UTC 2015


Never tried and probably won't work that great because of I/O issues.
But I really can't say either way.

Another thing to try is using bpf filters, or filters on your tap, to
only monitor certain flows.  See this article for example:

> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Ignoring_Traffic

You can invert this example and try just monitoring a single network or
host via bpf filters and then expand that until you figure out what your
capacity is.

On 10/14/2015 11:34 AM, Brian Hennigar wrote:
> Hey Cooper,
> I turned off the rules and still seeing the same amount of drops. 
> What is your experience with CUDA?  Instead of upgrading the CPUs, would
> a GPU be the easier/cheaper option to get the required performance?  I
> know I'll need to find one that is supported by ESXi for the passthrough.


-- 
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
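
Added example, not part of the original message and not Suricata project code: a sketch of the staged approach described above, building one BPF capture filter per stage and reading the drop rate from the capture.kernel_packets and capture.kernel_drops counters in stats.log. The networks, the 1% threshold and the stats excerpts are constructed for illustration.

```python
import ipaddress

COUNTERS = ("capture.kernel_packets", "capture.kernel_drops")

def stage_filters(networks):
    """Stage k's BPF expression covers the first k entries (IPv4 CIDRs)."""
    terms, stages = [], []
    for cidr in networks:
        # strict=True rejects typos such as host bits set in a network address
        net = ipaddress.IPv4Network(cidr, strict=True)
        terms.append(f"host {net.network_address}" if net.prefixlen == 32 else f"net {net}")
        stages.append(" or ".join(terms))
    return stages

def drop_percent(stats_text):
    """Kernel drops as a percentage of kernel packets, summed over capture threads.
    Counters are cumulative, so only the last value seen per thread is used."""
    latest = {}
    for line in stats_text.splitlines():
        parts = [p.strip() for p in line.split("|")]
        if len(parts) == 3 and parts[0] in COUNTERS and parts[2].isdigit():
            latest[(parts[0], parts[1])] = int(parts[2])
    packets = sum(v for (name, _), v in latest.items() if name == COUNTERS[0])
    drops = sum(v for (name, _), v in latest.items() if name == COUNTERS[1])
    return 100.0 * drops / packets if packets else 0.0

def capacity_stage(results, max_drop_pct=1.0):
    """results: (bpf, stats_text) per stage, in order. Returns the widest filter
    whose drop rate stayed at or under the threshold, or None."""
    best = None
    for bpf, stats_text in results:
        if drop_percent(stats_text) > max_drop_pct:
            break
        best = bpf
    return best

# Constructed inputs: three stages, Suricata restarted with each filter in turn.
NETWORKS = ["10.10.0.0/16", "10.20.0.0/16", "192.0.2.15/32"]
STATS = [
    "capture.kernel_packets | RxThread1 | 1000000\ncapture.kernel_drops | RxThread1 | 0",
    "capture.kernel_packets | RxThread1 | 600000\ncapture.kernel_drops | RxThread1 | 3000\n"
    "capture.kernel_packets | RxThread2 | 400000\ncapture.kernel_drops | RxThread2 | 2000",
    "capture.kernel_packets | RxThread1 | 2000000\ncapture.kernel_drops | RxThread1 | 150000",
]

if __name__ == "__main__":
    stages = stage_filters(NETWORKS)
    for bpf, stats in zip(stages, STATS):
        print(f"{drop_percent(stats):5.2f}% drops  <-  {bpf}")
    print("capacity reached at:", capacity_stage(list(zip(stages, STATS))))
```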