Re: IDS evaluation

From: Loki (
Date: 08/22/02

From: "Loki" <>
To: <>
Date: Thu, 22 Aug 2002 17:19:31 -0400

For you snort admins out there who have been wanting to get out of the
web-based Snort monitoring environment, Applied Watch Technologies is
going to soon announce its release of the Vigilad Command Center, the
worlds first true, OS-native Security Information Management (SIM)
system for the Snort IDS. It has distributions for Windows, Mac, Unix,
and Linux platforms. It is currently being evaluated by the Department
of Defense and will soon be offered for home/non-commercial users as
well. Our web site is located at

Stefan, this might serve as an alternative to centralized monitoring of
your Snort IDS agents should you choose that route.

Eric Hines

Eric Hines
CTO, President
Applied Watch Technologies
[p] (412) 303-3115
[a] Applied Watch Technologies
    149 Rossmor Court
    Pittsburgh, PA. 15229
This transmission may contain information that is
privileged, confidential and/or exempt from disclosure
under applicable law. If you are not the intended
recipient, you are hereby notified that any disclosure,
copying, distribution, or use of the information
contained herein (including any reliance thereon) is
STRICTLY PROHIBITED. If you received this transmission
in error, please immediately contact the sender and
destroy the material in its entirety, whether in
electronic or hard copy format. Thank you.


-----Original Message-----
From: Stefan Dens []
Sent: Thursday, August 22, 2002 12:36 PM
Subject: Re: Re: IDS evaluation


>I'm a Snort fan but deploying 12 of them with central management needs
>good expertise and multi-tool gluying skills.

I'm also a snort fan but deploying 12 sensor with a central management
is easy. Take a look at SnortCenter , it is
a complete management system to manage remote snort sensors. Next week
there will be a new version available with a lot of new features. The
new version will also work on linux, *BSD, solaris & Windows.

And the best of all it's free under GPL license

Stefan Dens

 Saad Kadhi <> wrote:
On Wed, Aug 21, 2002 at 04:04:07PM -0400, Elijah Savage wrote:
>> I am coming to you experts for a little help. It has come time to
>> renew our maintenance contract with cisco we have the old netranger
>> product. Well my company wants me to do a review of 3 products of my
>> choice to see what other products may provide us a better solution
>> that what we currently have. We have 12 IDS sensors currently. Can
>> you all recommend 3 products that will be worth my time to take a
>> look at?
>If central management/event correlation is what you need then my list
>would be: 1.Enterasys Dragon 2.Cisco Secure IDS
>However, the new appliances from Cisco that promise better performance
>than Dragon (among other things) are still vaporware at this time.
>I'm a Snort fan but deploying 12 of them with central management needs
>good expertise and multi-tool gluying skills.
>Saad Kadhi
>[pgp keyid: 35592A6D]
>[pgp fingerprint: BF7D D73E 1FCF 4B4F AF63 65EB 34F1 DBBF 3559 2A6D]
># booth slave for hire