Knoppix-NSM removes complexity of Snort-based network security monitoring
This article is part of the October 2007 issue of Tips from the 2007 Security 7 Awards
As an information security manager, you've very likely come to appreciate the benefits of Snort, the immensely popular open source network intrusion detection system. But you may have balked at implementing Snort-based network security monitoring because integrating and using Snort and complementary tools may be technically daunting, or require too much of your staff's time and energy to make it worth the effort. Snort alone doesn't give you a complete network security monitoring tool, and integrating and using all the pieces you need may be frustrating. The popular BASE console, for example, is often used with Snort, but like all Web-based consoles, it lacks speed, doesn't provide real-time alerting and has limited analysis functionality. But now this critically important security capability can be well within your means, thanks to The Tao of Network Security Monitoring. Unlike Web-based consoles like BASE, Sguil is fast and makes it easy to spot potentially dangerous events. BASE, the Basic Analysis and Security Engine, is the standard-bearer of Web-based ...
Achieving Access Control with Symark PowerBroker 5.0
In this product review, discover everything you need to know about Symark PowerBroker 5.0, such as policy control, logging and reporting capabilities, configuration and management.
Guardium SQL Guard 6.0 product review
Guardium SQL Guard 6.0 is evaluated on its ability to monitor access to SQL databases. SQL Guard ensures a system of checks and balances between the security and database engineering teams.
Knoppix-NSM removes complexity of Snort-based network security monitoring
by Russ McRee, Contributor
Open source Knoppix-NSM is a complete network security monitoring system on a single CD.
Device Management: Pointsec Protector software review
Pointsec Protector manages unsecured ports and endpoint devices while transparently delivering encryption, filtering content, enforcing policies and maintaining an audit trail, even when mobile devices are disconnected from the network.
BeyondTrust Privilege Manager 3.0 product review
BeyondTrust's Privilege Manager 3.0 addresses elevated user privileges through a Group Policy extension that allows organizations to control permissions for selected processes and applications.
SonicWALL TZ 180W firewall product review
SonicWALL TZ 180W is an effective firewall for small- and medium-size businesses with a subset of features that will appeal to network managers.
Proofpoint On Demand Product Review
In this product review, learn about Proofpoint On Demand antivirus and antispam features.
Security 7 Award winners successfully integrate security and business
The 2007 Information Security magazine Security 7 Award winners demonstrate their strategies for integrating their security programs into the overall business.
Log management reins in security and network device data
Learn how to manage log data from security and network devices in order to manage security events in real time.
Automated configuration management tools clean out redundant rules
Change management becomes a tough challenge when implementing numerous firewalls.
Learn to balance security and usability
Security measures, such as constant password changes, are becoming intrusive, and the return is questionable.
Interview: CISO explains enterprise's access control policies
Access control and authentication isn't as simple as setting up user IDs and passwords.
Vendor compliance management: Are health care software vendors HIPAA compliant?
Software used in health care is rife with vulnerabilities. It's time vendors shape up.
- Viewpoint: Hard drive encryption growing
Redefining free security software
Popular open source security products such as Nessus, Snort and Clam AV are being commercialized, redefining the notion of free software.