Many companies have deployed a variety of network intrusion detection systems (NIDS) over time as their networks and security strategies have evolved. We certainly found ourselves in this position at the company I work for. We had deployed Snort, Dragon and ManTrap on the network, not to mention Tripwire and all of the host system log files we have to audit. This created a piecemeal system that left us with several administration consoles and hundreds of events to sort through. We needed a way to bring them together into a single console that would enable our security personnel to aggregate, correlate and analyze them. Without that, we would be crippled by the sheer volume of events. Furthermore, we wanted to add more sensors to our network, preferably sensors based on a different technology than the signature-based systems we had already deployed.