Snort mailing list archives

Previous By Date Next
Previous By Thread Next

AW: Enterprise deployment

From: "Poppi, Sandro" <Sandro.Poppi () wacker com>
Date: Sun, 3 Feb 2002 16:39:46 +0100
Hi,

I'm currently searching for information about a global enterprise deployment
of snort sensors over WAN links. I know there is support for mysql logging
and analysis with ACID but what I want to have is something like commercial
IDS have: On each location there is one central point to summarize all
events and send them to a central enterprise mysql database on which ACID
will work. So there is no need for every sensor to report to the central db
but only the "event summarizer". The connection between the summarizers and
the central db should be encrypted.

Did anyone already deploy such an environment and if yes how did you do it
exactly (which tools, scripts, os, ...)? I would prefer a linux solution
although other os might be ok too ;)

TIA,
Sandro

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: