Jumat, 21 September 2007

Tactical Network Security Monitoring Platform

13.32  , ,  No comments

I am working both strategic and tactical network security monitoring projects. On the tactical side I have been looking for a platform that I could carry on a plane and fit in the overhead compartment, or at the very least under the seat in front of me. Earlier in my career I've used Shuttle and Hacom boxes, but I'm always looking for something better.

People often ask "Why don't you use a laptop?" Reasons to not use a laptop include:


  • Laptops don't have PCI, PCI-X or PCI Express slots to accommodate extra NICs, especially for fiber connections.

  • Laptops are not designed to run constantly.

  • Laptop storage is not as robust as server storage, since laptops usually accommodate up to two internal hard drives, with some capacity for external storage.

  • Laptops are consumer devices and not generally built for server-type operations.


Today I think I found the device I needed: NextComputing NextDimension Pro, pictured above. The specs are as follows:

  • Single dual-core 2.2 GHz AMD Opteron 275/940

  • 4 GB RAM (2 GB x 2, PC3200/400 MHz DDRAM)

  • Two Marvell Yukon 88E8052 Gigabit Ethernet

  • One NVIDIA nForce4 CK804 MCP9 Networking Adapter (Marvell 88E1111 Gigabit PHY)

  • Two 160 GB 7200 RPM SATA 2.5" Seagate Momentus HDDs connected to on-board four port SATA controller

  • Four 160 GB 7200 RPM SATA 2.5" Seagate Momentus HDDs connected to PCI-X four port SATA RAID controller

  • Four USB 2.0

  • Two external SATA ports

  • One RS232 serial port and one RS232 serial port with RS422/485 adaptor

  • DVD drive

  • Two PCI-X slots OR two PCI Express slots OR one PCI-X and one PCI Express; mine has one 16x PCI Express slot and one PCI-X full length slot.

  • Graphics out via Nvidia


I tried FreeBSD 7.0-CURRENT-200709-amd64-disc1.iso on this machine and it installed flawlessly. If you want to see dmesg output please visit Dmesgd courtesy of NYCBUG.

Check out the storage available. If I need to I could combine /nsm1 and /nsm2 into /nsm using Gconcat.

$ df -h
Filesystem     Size    Used   Avail Capacity  Mounted on
/dev/ad4s1a    989M    194M    716M    21%    /
devfs          1.0K    1.0K      0B   100%    /dev
/dev/ad4s1e    9.7G     24K    8.9G     0%    /home
/dev/ad4s1f     77G    4.0K     71G     0%    /nsm1
/dev/da0s1d    577G    4.0K    531G     0%    /nsm2
/dev/ad4s1g    9.7G     12K    8.9G     0%    /tmp
/dev/ad4s1d     39G    1.2G     34G     3%    /usr
/dev/ad6s1d    144G    258K    133G     0%    /var

I am really pleased FreeBSD 7.0 installs on this machine. I may try the i386 version at some point, but I hope to stick with the AMD64 version if possible.

0 komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)