Symantec
→ Volume License-
Business →
SEC for Snort 2.0
|
|
|
Symantec Event Collector for
Snort 2.0
|
▫ Request A
Quote
▫ Symantec Authorized Reseller |
▫ Free Software Consulting: 888-275-8850
▫ Lowest Volume License Price Guarantee |
|
|
The Symantec Event Collector for Snort
enables centralized, cross-tier logging, alerting, and reporting between
the Symantec Enterprise Security Architecture (SESA) event management
system and Snort intrusion detection applications.
The Symantec Event Collector for Snort retrieves events that are
generated by Snort and forwards these events to SESA. The Event
Collector can be configured to selectively filter the events that are
forwarded to SESA. These events are stored in the SESA DataStore (a
database), and can be viewed in reports, used as the basis for
configuring alert notifications and incident creation, and configured as
raw data for report generation.
The Symantec Event Collector for Snort retrieves events from the Snort
log file. Each supported Snort event is mapped to a corresponding SESA
event. Each supported event is also assigned a Standard Event Code for
use with Symantec Incident Manager.
After you install the Symantec Event Collector for Snort, your Snort
product is integrated with SESA. When a product is integrated with SESA,
you can use the SESA Console to view the events that it forwards to SESA.
The SESA Console provides a central location in which to view and manage
the reporting of event data across multiple SESA-enabled security
products.
|
More Information:
Symantec
Event Collector for Snort |
