HostedDB - Dedicated UNIX Servers
pilot_16 August 28, 1998 Intrusion Detection Pilot Program Guide 13 q Product can process network traffic at a rate which is acceptable to you with all of the attack signatures active. q Product’s performance scales well with the number of attack signatures and filters active. Increasing the number of predefined or custom signatures does not significantly impact the performance of the system. q Product handles traffic bursts gracefully, switching to sampling mode until the traffic levels return to a consistent level. q Product engines function adequately on an Intel-based system with a 266 MHz. Pentium processor and  minimum 64MB RAM or a SPARC-based Ultra 2 system with 64MB RAM. Although it will with 64MB RAM 128 MB RAM is recommended Architecture q  Product’s architecture adapts well to higher network speeds and switched network topologies. q  Product’s architecture allow the attack recognition and response modules to be integrated into other network devices, such as firewalls and switches. q Product’s architecture allows for the use of off-the-shelf components, significantly reducing the cost of a Product deployment. Product Updates, Technical Support, and Industry Research q Vendor updates its attack signature database at least six times per year and often more frequently. q Vendor notifies you automatically through e-mail about the availability of new signatures. q Vendor makes new attack signatures available for download from its web site to current customers. q Vendor provides technical support via telephone, e-mail, and fax to you 8 am to 6 pm Monday through Friday, with 24-hour technical support available to those that require it. q Vendor provides major product updates at least three times per year. q Vendor notifies you automatically through e-mail about the availability of new product updates. q Vendor makes new product updates available for download from its web site to current customers. q  Vendor supports a research and development team for compiling and understanding new attack signatures and new system vulnerabilities. q  Vendor notifies the industry about newly discovered attack signatures and system vulnerabilities periodically through an e-mail service.