May 2003
Intermediate to advanced
360 pages
10h 27m
English
It would present a real problem if gigabytes of data had to be stored on the same physical box that Snort was running on. Fortunately, Snort uses an n-tier architecture. N-tier architectures are fairly common. Large applications are rarely handled by one application on one box; scalability and security are chief concerns with a single tier architecture. Snort is most typically installed in a 3-tier architecture, but is flexible enough to accommodate a single-tier (the hybrid sensor/server) to four tiers (departmental clusters).
The first tier, known as the sensor tier, is where network traffic passes to be monitored for intrusions. The sensor acts like a digital vacuum: It grabs packets ...
Read now
Unlock full access