From: Oliver Friedrichs (oliver_friedrichssymantec.com)
Date: Mon Jul 07 2003 - 18:10:43 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello Everyone,

I am pleased to announce the release of version 4.2 of DeepSight Extractor,
and the update of the DeepSight Analyzer web-site.

This release of DeepSight Extractor adds support for Norton Personal
Firewall 2003, Norton Internet Security 2003 and Internet Security Systems
SiteProtector 2.0. Users of these products can download the new DeepSight
Extractor software, and benefit from the free DeepSight Analyzer service.
In addition to the new DeepSight Extractor release, the DeepSight Analyzer
site has been updated to reflect the acquisition of SecurityFocus by
Symantec last year.

The latest version of DeepSight Extractor can be obtained from:

http://analyzer.symantec.com/download.asp

DeepSight Extractor 4.2 now supports the following Intrusion Detection and
Firewall systems:

BlackIce 2.0-3.x
Cisco IOS 12.x
Cisco PIX 4.2-5.1
Cisco Secure IDS 2.5-3.0
Enterasys Dragon 4.2.2
Check Point Firewall-1 Next Generation, NG
IP Chains
ipmon (IPF)
NetProwler 3.5x
NetScreen 200, 100, 50, 25, 5XP
Norton Internet Security 2003
Norton Personal Firewall 2003
RealSecure 3.1-5.5, 6.00-7.0
SiteProtector (ISS) 2.0
Snort 1.6-1.9.x,2.x
Snort Portscan 1.6-1.9.x,2.x
Snort Scan Log 1.9-2.x
ZoneAlarm 2.6.0-3.7

DeepSight Analyzer is a free web-based event management console providing
correlation and reporting on events being observed by your security
devices.

You can register for DeepSight Analyzer at:

http://analyzer.symantec.com

By joining the DeepSight Analyzer program at Symantec, you receive a number
of benefits. DeepSight Analyzer gives you the following functionality, at
absolutely no charge to you:

1. Automated Daily Summary Reports

Each day, at the time that you choose, you will receive a summary report
via email. This report summarizes all activity that your sensors have
observed over the previous 24 hour period. This report includes the top
events that you have seen, the top ports that you have seen activity on,
the top IP addresses from which this activity has originated, and the
countries from which the events originated.

2. Online Event Viewing

You will receive access to the web-based DeepSight Analyzer online console.
Through this console you can view a history, for previous 30 days, of all
events that your systems have submitted. In addition to viewing events,
DeepSight Analyzer will allow you to draft a notification message, to be
sent to the owner of a network from which you have been attacked. This
message will contain a detailed list of all events observed from the
originating network.

3. Online Report Generation

Through the DeepSight Analyzer online console you can generate reports,
summarizing event activity over a period of time. You can report on the top
events that are being observed on your network, determine which country,
ISP, and IP addresses are attacking you, and summarize activity for a
particular attacker.

Feel free to contact me directly or email analyzersymantec.com, if
you have any questions or need assistance in getting up and running,

Oliver Friedrichs
Sr. Manager - DeepSight
(650) 381-8045

-------------------------------------------------------------------------------
The Lightning Console aggregates IDS events, correlates them with vulnerability
info, reduces false positives with the click of a button, and distributes this
information to hundreds of users.

Visit Tenable Network Security at http://www.tenablesecurity.com to learn more.
-------------------------------------------------------------------------------

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]