|
Activeworx® Security Center with Snort® IDS
Flexible, Affordable enterprise management solution for Snort® IDS.
Event Management for Snort® IDS
Snort® is the most widely used intrusion detection system today. Activeworx Security Center was designed to integrate tightly with the Snort® event database to provide high valued information from your existing Snort® installations without modifying the original database. AE works very well in a small single sensor installation to the largest of Snort installations with current customers having over 300 event databases.
In a small installation Activeworx Security Center provides customizable dashboards, IDS Policy Manager integration, detailed reporting, interactive graphs, event relationship diagrams and many other ways to view your Snort® events.
In addition, for large installations, you may also utilize the Activeworx® Event Framework (AEF) to expand Activeworx Security Center so that it can provide a complete solution to centralize all of your Snort® events into a common view, correlate against incoming events or vulnerability information and provide highly customizable alerting.
Customizable Dashboards
Activeworx® provides customizable event dashboards to view your Snort® IDS Events. These dashboards allow the user to select from over 50 different event panels such as list views, top graphs, time graphs, time of day graphs, etc... and place them in virtually any layout on the dashboard. These panels can be resized and moved around by the user and saved for later viewing.
(Click for larger image)
IDS Policy Manager v2 Integration
Activeworx® Enterprise integrates with the 3rd party add-on IDS Policy Manager v2. IDS Policy Manager has been the de facto standard in managing Snort policies on Windows since it's initial release in 2000.
The integration of IDS Policy Manager provides seamless enterprise rule management with the ability to quickly view, disable or set a suppression for a rule while viewing information about an event. more information...
(Click for larger image)
Enterprise Reporting
Activeworx® Report Center provides an easy to use, feature rich enterprise reporting engine. Reports can be based on many aspects from event information to quickly generate reports detailing the overall security posture, historical reporting or reports on specific incidents of interest. Reports can be exported in several formats including: HTML, PDF, XLS, etc.. and can be scheduled and emailed at regular intervals.
(Click for larger image)
Event Relationship Diagrams
Activeworx® Security Center also has the ability to display events and the relationship between them. Once these events are displayed, you can replay the order in which they occurred, color code the events based on several characteristics, perform auto layouts to change the way in which the events are being displayed or drill down into the events to gather more details.
(Click for larger image)
Interactive Graphs
Activeworx® provides a highly interactive environment throughout the application. Interactive graphs are one of the many ways to drill down into Snort® events to obtain a better understanding of the information and what the user is really looking at. All graphs can be drilled down on to view events that make up the graphs, or perform a correlation search to create a customized view based on the piece of graph that was selected.
(Click for larger image)
Information Correlation
Activeworx® Enterprise correlation engine adds real time correlation to Snort® IDS. It does this by using simple flow chart symbols to create complex rules that have the ability to correlate against existing data and incoming events. When a suspect event is detected from Snort, AE takes action based on those rules to check other security information in the system making sure that the event is a real threat. It also has the ability to group events with commonalities, such as those involved in Brute Force attacks, into a single event with more in-depth information.
(Click for larger image)
|
Call
Us: 1-800-675-0729
