ACNS Network Security has installed two intrusion prevention systems at MSU's Internet border. One system protects the residence hall computers, and the other protects all other computers. The systems examine every packet that flows through them both inbound from the Internet and outbound. Packets are inspected for attack signatures and protocol anomalies, if they match an attack, they are dropped. These systems are in-line so they can drop attack packets in real time as they are detected. Combined, flows the two intrusion prevention systems block an average of 344,000 attacks per day. During normal traffic patterns about 3 milliseconds of latency are added by the detection process. Our web site "http://networksecurity.msu.edu/" has attack statistic detail available for further review. Intrusion prevention systems are not comprehensive Denial of Service (DoS) prevention devices. Since every packet is inspected, DoS attacks may sometimes exhaust the resources available on any such device and slow network traffic. Once the attack is identified and the sources are blocked, network performance returns to normal. ACNS Network Security is investigating ways to reduce the impact of a DoS attack on the MSU network, both by reconfiguring the intrusion prevention systems and possibly with specialized DoS protection devices. While we have seen some network slowness from the intrusion prevention systems, not all recent network performance issues have involved them. As with any ACNS service issue, network outages and performance issues are reported at "http://servicestatus.msu.edu/". Joe Budzyn Manager Network Security, ACNS -- Joe Budzyn [log in to unmask] 301 Computer Center Ph: (517) 432-7448 Michigan State University East Lansing, MI 48824 On Thu, Feb 02, 2006 at 06:56:18AM -0500, Thomas P. Carter wrote: > > Is anyone else experiencing these annoying slowdowns for > network connections to off-campus sites? The happen with increasing frequency > and with no pattern I can discern. The connection appears to work PARTIALLY, > but loading a web page or downloading something can take far longer than it > should and sometimes fail. > > Yesterday late afternoon I was trying to update a new > computer through Windows Update (at Microsoft’s site) and it took > forever, with several failed attempts along the way. Right now (6:50 am) it’s > happening again. Connections to on-campus sites are just fine during these > times. I’m guessing something’s happening either with our campus > router or our connection to the cloud… > > Anyone else notice this? It’s been happening for > several weeks now. > > Thomas > P. Carter, > > Ph.D. > > Department of Chemistry > Michigan State > University > East Lansing, > MI 48824-1322 >