RE: ISS Siteprotector as syslog server?
From: Rob Shein (shoten_at_starpower.net)
Date: 11/21/04
- Previous message: Dave Aitel: "CRI announcement"
- In reply to: Bowes, Ronald (EST): "ISS Siteprotector as syslog server?"
- Next in thread: Eric Hines: "RE: ISS Siteprotector as syslog server?"
- Reply: Eric Hines: "RE: ISS Siteprotector as syslog server?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Bowes, Ronald (EST)'" <RBowes@gov.mb.ca>, <focus-ids@securityfocus.com> Date: Sun, 21 Nov 2004 17:47:16 -0500
In my experience with SiteProtector, it doesn't seem to have had any
facility for even managing the data. It's not a vendor-agnostic,
glue-everything-together kind of SIM; it's designed to provide central
management for multiple ISS products and allow you to correlate data that
comes from them.
> -----Original Message-----
> From: Bowes, Ronald (EST) [mailto:RBowes@gov.mb.ca]
> Sent: Thursday, November 18, 2004 10:09 AM
> To: 'focus-ids@securityfocus.com'
> Subject: ISS Siteprotector as syslog server?
>
>
> We're trying to get several different systems (ips and ids)
> to work together, as we're evaluating ips products made by
> various vendors.
>
> The ips appliances we're using can export their data to a
> syslog server, and it would be nice if we could import the
> syslog data into ISS SiteProtector. Has anybody tried to do
> that before?
>
> Thanks,
> Ron Bowes
>
>
> --------------------------------------------------------------
> ------------
> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it with real-world
> attacks from
> CORE IMPACT.
> Go to
> http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_04
0708
to learn more.
--------------------------------------------------------------------------
--------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------
- Previous message: Dave Aitel: "CRI announcement"
- In reply to: Bowes, Ronald (EST): "ISS Siteprotector as syslog server?"
- Next in thread: Eric Hines: "RE: ISS Siteprotector as syslog server?"
- Reply: Eric Hines: "RE: ISS Siteprotector as syslog server?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
