mailing list archives
Re: FW/IPS log correlation software
From: "Ronald van der Westen" <rvdwesten () gmail com>
Date: Thu, 10 Apr 2008 15:11:34 +0200
You might wanna take a look at RSA's Envision...
On Sat, Apr 5, 2008 at 11:19 PM, Gleb Paharenko <gpaharenko () gmail com> wrote:
Netforensics SIM (http://www.netforensics.com/) can do this.
You can utilize OSSEC (www.ossec.net) for this purposes as well.
For cisco products perhaps it is better to use MARS
because their SIM is based on old Netforensics.
4 Apr 2008 13:55:40 -0000, mgk.mailing () googlemail com
<mgk.mailing () googlemail com>:
> We have been looking at that for our own systems.
Ronald van der Westen
- Re: FW/IPS log correlation software, (continued)