Security Basics mailing list archives

Re: FW/IPS log correlation software

From: "Ronald van der Westen" <rvdwesten () gmail com>
Date: Thu, 10 Apr 2008 15:11:34 +0200

You might wanna take a look at RSA's Envision...

On Sat, Apr 5, 2008 at 11:19 PM, Gleb Paharenko <gpaharenko () gmail com> wrote:

Hi.

 Netforensics SIM (http://www.netforensics.com/) can do this.
 You can utilize OSSEC (www.ossec.net) for this purposes as well.
 For cisco products perhaps it is better to use MARS
 (http://www.cisco.com/en/US/netsol/ns698/networking_solutions_solution.html),
 because their SIM is based on old Netforensics.

 4 Apr 2008 13:55:40 -0000, mgk.mailing () googlemail com
 <mgk.mailing () googlemail com>:

 >  http://www.splunk.com/
 >
 >
 >  We have been looking at that for our own systems.
 >
 >
 >  mgk
 >


 --
 Best regards.
 Gleb Pakharenko.
 http://gpaharenko.livejournal.com




-- 
Ronald van der Westen

Current thread:

Re: FW/IPS log correlation software, (continued)
- Re: FW/IPS log correlation software Udo Sprotte (Apr 04)
- Re: FW/IPS log correlation software bart knippenberg (Apr 04)
  - RE: FW/IPS log correlation software Alfredo Cedeño (Apr 04)
  - Re: FW/IPS log correlation software Albert Gonzalez (Apr 13)
    - RE: FW/IPS log correlation software Nathan Sherlock (Apr 15)
- RE: FW/IPS log correlation software Loupe, Jeffrey J (Apr 04)
- Re: FW/IPS log correlation software TT-SEC (Apr 04)
- RE: FW/IPS log correlation software Kevin Ortloff (Apr 04)
- Re: FW/IPS log correlation software mgk . mailing (Apr 04)
  - Re: FW/IPS log correlation software Gleb Paharenko (Apr 07)
    - Re: FW/IPS log correlation software Ronald van der Westen (Apr 10)
- Re: FW/IPS log correlation software Olmstead, Frank M. - OTR (Apr 04)