Since 1g IDS on commodity gear can be handled without much effort, why not push for more?Finding 10g links to tap is fairly easy, so we'll explore the challenges of building an IDS to process these larger links while working with our typical shoestring budgets.This talk will run through hardware considerations, ruleset choices, and helpful OS/firmware/suricata tweaks to help you ingest these ever larger data links without ruining the budget.
Long time system admin who enjoys packets above all else.