Every data packet should be analysed during vulnerability assessment, before actually data should get processed by the system. But there will be a delay, if each packet is analyzed.
Eth0 duplication filter, this would serve purpose and also the user will not experience delay since each packet was duplicated and analyzed by the eth0 duplication filter(virtual).
How eth0 duplication filter should work?.
It should make a duplicate copy (if its an unknown packet ) of each data packet and analyse, and finally report event to administrator.
Comments:
Hardware should be really good, to process the data.
No comments:
Post a Comment