|
|
The SNARE System Product Overview
The SNARE System provides clear, concise, accurate reporting of the information that is pertinent to your organizations security and audit requirements.
The SNARE System toolset is comprised of the SNARE Server and the SNARE Agents.
The SNARE Server provides a dashboard view of all pertinent audit events from a heterogeneous network. All incoming events (from SNARE Agents and from system log enabled devices) are received into a SNARE Server enabling them to be analyzed, recorded and reported based on the corporate audit requirements. The SNARE Server has a large library of security objective reports, in addition to the ability to create adhoc reports or adjust the templated security objectives, providing flexibility to an organizations reporting structure. These comprehensive reports can then be automatically emailed to the security individual responsible for those systems and audit requirements on a daily, weekly or monthly basis. The reports can also be viewed from the web interface interactively.
The SNARE Agents have been developed for a number of applications and operating systems such as Windows, Solaris, AIX, Irix, Linux, ISA, IIS, etc. The Agents are installed and configured on systems that are to be monitored for specific audit activity. They forward only those events that match the configured audit criteria to the SNARE Server. The SNARE Open Source Agents are licensed under GPL and can be downloaded under the products area.
Commercial SNARE Enterprise Agents have been developed for use only with the SNARE Server and provide added functionality. Commercial agents have been developed for Windows, Solaris, AIX, and IRIX. There has also been a new agent - SNARE for Text Files Agent, which enables the collecting of generic log files from UNIX systems.
The SNARE System Toolset allows for a consolidated view of all your audit requirements on your network.
The data is accumulated in a database which can be archived to either a DVD or CD for forensics and archival purposes, archived by date and by machine/IP Address. The data itself is stored in a text delimited format, which can be accessed on demand and be imported into third party reporting/analysis software tools if required.
The SNARE Server is supplied as either an appliance or software depending on the license required. For those organizations that are required to monitor in excess of 50 SNARE agents, the application and operating system are pre-installed on hardware that has been designed for the SNARE Server. For those organizations that are monitoring less than 50 SNARE agents, the Server is offered as either an appliance or software.