early detection of network problems and avoid impact on end user
- Thread starter kanu1989
- Start date
- Status
Your title is misleading. It means more of a reference to network and application performance issues than security.
If security, then you are looking at making a IDS/ IPS system. Use snort as the base. Set up a traffic span/ mirror on the core/ edge switch or router, and feed it through snort. Your rule base used here is most important. Most vendors make their own on top of the free/ open source rules available. Some of the best are Sourcefire (Snort based), McAfee & ISS (proprietary).
If performance, then you need to look at basic tools like wireshark, and move ahead to Zyrion/ Fidelia and further on to Netscout Systems.
You would also need to look at a log collection & correlation engine like Arcsight.
Frankly, each of the above needs a 1000 member+ dev team to build to even a small level of satisfaction. Not really a one user job.
Post back exactly what you want to achieve from the project. Vague high level statements can be left with the management.
Edit: Your title leads me straight to Netscout: http://www.google.co.in/search?q=early+detection+of+network+problems+and+avoid+impacting
Be warned: The solution prices for this vendor start close to 100,000 USD for a very basic overall system.
If security, then you are looking at making a IDS/ IPS system. Use snort as the base. Set up a traffic span/ mirror on the core/ edge switch or router, and feed it through snort. Your rule base used here is most important. Most vendors make their own on top of the free/ open source rules available. Some of the best are Sourcefire (Snort based), McAfee & ISS (proprietary).
If performance, then you need to look at basic tools like wireshark, and move ahead to Zyrion/ Fidelia and further on to Netscout Systems.
You would also need to look at a log collection & correlation engine like Arcsight.
Frankly, each of the above needs a 1000 member+ dev team to build to even a small level of satisfaction. Not really a one user job.
Post back exactly what you want to achieve from the project. Vague high level statements can be left with the management.
Edit: Your title leads me straight to Netscout: http://www.google.co.in/search?q=early+detection+of+network+problems+and+avoid+impacting
Be warned: The solution prices for this vendor start close to 100,000 USD for a very basic overall system.
sahilm said:
Going by OP name 1989 typically would mean a 3rd year college person. But the project cited is not touched by people, as my previous posts suggests, since to be successful you need a radical idea, or copy paste someone else's work, oft open source, which doesn't really fetch marks.
OP again doesn't specify coding. My impression is he wants to build a mock NOC/SOC as a demo setup with OSS.
.- Status