Re: FW/IPS log correlation software

---

• From: "Ronald van der Westen" <rvdwesten@xxxxxxxxx>
• Date: Thu, 10 Apr 2008 15:11:34 +0200

---

You might wanna take a look at RSA's Envision...

On Sat, Apr 5, 2008 at 11:19 PM, Gleb Paharenko <gpaharenko@xxxxxxxxx> wrote:

Hi.

Netforensics SIM (http://www.netforensics.com/) can do this.
You can utilize OSSEC (www.ossec.net) for this purposes as well.
For cisco products perhaps it is better to use MARS
(http://www.cisco.com/en/US/netsol/ns698/networking_solutions_solution.html),
because their SIM is based on old Netforensics.

4 Apr 2008 13:55:40 -0000, mgk.mailing@xxxxxxxxxxxxxx
<mgk.mailing@xxxxxxxxxxxxxx>:

> http://www.splunk.com/
>
>
> We have been looking at that for our own systems.
>
>
> mgk
>


--
Best regards.
Gleb Pakharenko.
http://gpaharenko.livejournal.com

--
Ronald van der Westen

---

• References:
  • Re: FW/IPS log correlation software
    • From: mgk . mailing
  • Re: FW/IPS log correlation software
    • From: Gleb Paharenko

• Prev by Date: Re: Protection against fake mails
• Next by Date: Re: AW: nix based ftp server suggestions
• Previous by thread: Re: FW/IPS log correlation software
• Next by thread: Re: FW/IPS log correlation software
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > security-basics  > 2008-04