[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] Re: Considering nSight, any thoughts?
- To: stevenrakick@xxxxxxxxx
- Subject: [Full-disclosure] Re: Considering nSight, any thoughts?
- From: Jeff Boston <nospam@xxxxxxxxxxxxx>
- Date: Fri, 12 Aug 2005 07:19:46 -0700 (PDT)
<html><body><P><FONT face=Arial size=2>Hi. Sorry for the delay in my
response.</FONT></P>
<P>Jason/Steven, I'd highly recommend this or other products like it. It's
quite affordable and very easy to get running (although they need to create
more documentation).</P>
<P>We've been using the new version of nSight for approximately 2 months now
and it's been quite useful and more so by the day. I'm learning that the more
network information nSight collects, the more valuable it becomes. </P>
<P>It's helped us identify the cause of several intermittent problems we've had
for at least a year now because we were able to go back and look specifically
at the point in time where the problem occured (2 times in 2 months). The
problem was knocking off users from a few servers in our DMZ so we're happy
it's been resolved. We also had a couple users who were doing a ton of pirated
software uploads/downloads. We idenitified then within 30 minutes of installing
nSight.</P>
<P><FONT face=Arial size=2>That's about it. Email me off the list if you have
any questions.</FONT></P>
<P><FONT face=Arial size=2>J.</FONT></P>
<P><STRONG>Author: </STRONG><A href="mailto:stevenrakick@xxxxxxxxx";>Steven
Rakick</A><BR><B>Date: </B>
<SCRIPT type=text/javascript><!--
textdate(1122748217);//--></SCRIPT>
2005-07-30 14:30<NOSCRIPT>2005-07-30Â18:30</NOSCRIPT>
<SCRIPT type=text/javascript><!--
timezone(1122748217);//--></SCRIPT>
-400<NOSCRIPT>UTC</NOSCRIPT><BR><B>To: </B><A
href="mailto:jason.heschel@xxxxxxxxx";>Jason Heschel</A>, <A
href="mailto:security-basics@xxxxxxxxxxxxxxxxx";>security-basics</A><BR><B>Subject: </B>Re:
Considering nSight, any thoughts?<BR></P>
<DIV class=messageBody>Jason, I did respond, but to another list. Here's
my<BR>post just in case...<BR><BR>-<BR>Jason,<BR><BR>Been running nSight for a
little over a year now with<BR>data purge after 13 months. We have 3 agents at
remote<BR>offices with each inspecting the traffic of around<BR>700-900 hosts.
It's been quite helpful. We *had* a ton<BR>of P2P traffic in our
networks.<BR><BR>When we started out last year, we tried to host all
3<BR>agents on a low end HP blade (with a laptop hd). After<BR>about 2 months
it became very slow (mostly due to disk<BR>IO). We upgraded to a faster blade
with fast SCSI disk<BR>and it's been flying along ever since.<BR><BR>Also,
according to another poster (Darrin Maidlow) on<BR>Full Disclosure, there is a
beta program in place<BR>right now for nSight 2.0 at<BR><A class=url
href="http://www.intrusense.com/products/beta";>http://www.intrusense.com/products/beta</A>.
I'm not sure<BR>if you're evaluating 2.0 or 1.x.<BR><BR>Steve<BR><BR>--- Jason
Heschel <<A class=email-address
href="mailto:jason.heschel@xxxxxxxxx";>jason.heschel@xxxxxxxxx</A>>
wrote:<BR><I class=quote><BR>> Hello list,<BR>> <BR>> We've spent the
last few weeks evaluating nSight (a<BR>> network analysis<BR>> package
from Intrusense) and are now considering<BR>> making a purchase.<BR>>
<BR>> I'm curious to hear any opinions, problems or praise<BR>> people
have for<BR>> this software. Does it scale well? How does it<BR>> perform
after<BR>> collecting several months worth of data?<BR>> <BR>>
-jason<BR>> </I><BR></DIV><br> <br><hr>Are you a Techie? Get Your Free
Tech Email Address Now! Visit http://www.TechEmail.com<br></body></html>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/