Scott
I've been working on updating my IDS console page, thus far I've only sorted
out the links and there are still a few products missing, but it might be
worth checking out.
http://www.networkintrusion.co.uk/consoles.htm
I've changed the page to only highlight those products that correlate
information from different vendors products.
There are a few salient details on
ACID
AIDE/RSE
CyberWolf
Dragon Server
e-Sentinel
Intrusion Vision
Intrusion SecureEnterprise
KSE/CMDS
NetForensics
Network Security Monitor
Open Esecurity
RTESM
SHADOW

The other consoles/correlation tools should be up within a few weeks

take care and good luck in your quest
-andy
http://www.networkintrusion.co.uk
----- Original Message -----
From: "samargul" <samargulnps.navy.mil>
To: <focus-idssecurityfocus.com>
Sent: Monday, January 28, 2002 8:54 PM
Subject: Networking IDS Correlation Question

> I have been asked by one of my clients to purchase a program which
> correlates Intrusion Detection System (IDS) data from network and host
based
> systems. My clients company is running ISS's RealSecure which is guarding
> its perimeter and high value targets and a proprietary third party IDS
which
> is placed on many of its hosts. The software is searching for all sorts
of
> attacks, both internal and external to the network. Does anyone know of
any
> COTS software products which could aide in this problem? Most of the
> client's enterprise networking is Windows NT 4.0 based. I have been
looking
> at ISS's
> SAFEsuite DecisionsT and Enterasys Networks' Vulnerability Correlation
Tool.
>
> Looking for any opinions, suggestions, comments.
>
> Thanks-
> Scott Margulis
> MCSE/MCP+I
>

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]