[Bro] Hardware recommends
latt0050 at umn.edu
Tue Jan 26 12:01:07 PST 2016
We've been doing the following:
2x Intel® Xeon® E5‐2687W v3
With whatever disk fits your needs. Our worker boxes are a mirrored pair of
120GB SSD. The manager node has slightly larger disk to handle 12h of
storage. A Splunk forwarder ingests from the manager box for
Most of this is in 'dev' right now, but we'll be run around 7x 100GB sets
by the end of the year following the Berkley model. Post-shunting we'll be
running Suricata on the traffic as well.
As a general rule, faster proc > more procs (Seth correct me here if this
On Tue, Jan 26, 2016 at 11:44 AM, James Lay <jlay at slave-tothe-box.net>
> And on the heels of the NIC question, how about hardware experiences?
> I'm looking at the PCIE2 NIC's at both Myricom and Netronome....any
> recommends for the server hardware to wrap around these cards? The plan
> is to have this machine monitor a corporate LAN...lot's of traffic.
> Guessing the team will want to go Dell if that helps. Thanks for the
> advice all.
> Bro mailing list
> bro at bro-ids.org
University of Minnesota - University Information Security
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro