[Bro] Infrastructure with Bro and SDN-capable switch

just2 at arcor.de just2 at arcor.de
Mon Nov 10 04:52:22 PST 2014

I am a newbie on Bro IDS. I am working on a project in my university.
Goal is to reduce packet drops in IDS by installing a SDN-capable switch which filters and only redirects suspicious content to the IDS, thus reducing workload on the IDS and therefore packet drops.

I started researching on Bro and as far as I understand, it is capable of running in high-speed networks without packet drops.
Therefore my question:
Is it reasonable to do the research project (Bro + SDN switch) or is it very unlikely to have packet drops no matter how much traffic/speed the network is running?

Thank you for your answers,

More information about the Bro mailing list