SURFnet High-qualitiy Internet for higher education and research
SURFnet connects the dutch networks of universities, colleges, research centres, academic hospitals and scientific libraries to one another and to other networks in Europe and the rest of the world.
You may want to have a look on their network structure.
Below you can see first screenshots of the SURFnet IDS webinterface.
The intrusion systems structure is really sexy, surfnet ids uses openvpn to route traffic from different network ranges to a central server running nepenthes. As they had some whishes in nepenthes logging, we sat together and created a module log-surfnet that logs the attacks and details to a postgres database.
The webinterface supports usergroups, and allows each user to see how poisend his own network is compared to others.
Click the images for full size, or visit http://ids.surfnet.nl/screenshots/ for more.
The surfnet ids projecthomage offers more information about the setup, so some short details as a teaser
Not to mention the log-surfnet nepenthes module will make it into the upcoming nepenthes release.