Security Basics: RE: Log analysis tool for Cisco HIPS/NIPS.

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Basics mailing list archives

RE: Log analysis tool for Cisco HIPS/NIPS.

From: "Ryan Counts" <rcounts () firescope net>
Date: Mon, 22 Jan 2007 12:13:31 -0800

You might want to check out the solution my company provides - FireScope.  We can aggregate log data / performance 
metrics / snmp and more from pretty much any network device, boil it up into a web portal that has both a report 
generator and business intelligence interface for your reporting and analysis needs.  

http://www.firescope.com/

HTH
Ryan

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Ramki B
Sent: Sunday, January 21, 2007 8:38 PM
To: 'Alberto Madrid'; security-basics () securityfocus com
Subject: RE: Log analysis tool for Cisco HIPS/NIPS.

Hi

Thanks, I had read the doc's but MARS cannot do an off-line analysis
and reporting (or is there a way to do this on MARS?...). Iam looking
for a product that can import security device/SW logs and provide an
interface to analyze and generate reports.


Regards
Ramki

-----Original Message-----
From: Alberto Madrid [mailto:alberto.madrid () ngisolution com] 
Sent: Thursday, January 18, 2007 1:08 AM
To: 'Ramki B'; security-basics () securityfocus com
Subject: RE: Log analysis tool for Cisco HIPS/NIPS.
Importance: High


Hi, Ramki:

Please, take a look a Cisco MARS (Cisco Security Monitoring, 
Analysis and Response System) http://www.cisco.com/go/mars

Regards,

Alberto Madrid
ipsubnet0 () cantv net
MCP, CCNA, CQS, CCSP, INFOSEC Professional.

 

-----Mensaje original-----
De: listbounce () securityfocus com 
[mailto:listbounce () securityfocus com] En nombre de Ramki B 
Enviado el: Miércoles, 17 de Enero de 2007 01:28 p.m.
Para: security-basics () securityfocus com
Asunto: Log analysis tool for Cisco HIPS/NIPS.

Hi

I am looking for a good tool to analyze the logs created by 
Cisco NIPS and HIPS (Cisco Security Agent), what tools other 
than Cisco provided are available with reporting functions.

I have a fair idea on the concepts of log analysis but 
without a proper tool it's a very laborious and time consuming task.

Any inputs/directions would help.

Thanks
Ramki

~~~~~~~~~~~~~~~~~~~~~~~~~~
Ramakrishnan B
IM: bramkie () hotmail com
~~~~~~~~~~~~~~~~~~~~~~~~~~
"Be better than the best"
~~~~~~~~~~~~~~~~~~~~~~~~~~



--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.432 / Virus Database: 268.16.13/632 - Release 
Date: 16/01/2007
04:36 p.m.

By Date By Thread

Current thread:

Log analysis tool for Cisco HIPS/NIPS. Ramki B (Jan 17)
- Message not available
  - RE: Log analysis tool for Cisco HIPS/NIPS. Ramki B (Jan 22)
    - RE: Log analysis tool for Cisco HIPS/NIPS. Ryan Counts (Jan 23)
    - Re: Log analysis tool for Cisco HIPS/NIPS. Andrew Hay (Jan 23)