Seven Minute Video Shows Activeworx Features
CrossTec has released a short podcast video highlighting some of the many features in Activeworx Security Center. The video, which was written and recorded by Albert Caballero, voiced by Rick Shultz and edited by Doug Taylor covers Activeworx features such as forensics, correlation and reporting.
To See the Video Please Visit:
http://www.crossteccorp.com/activeworx/activeworx-video.html
Wednesday, January 31, 2007
Tuesday, January 30, 2007
New Activeworx SMC Effectively Manages and Monitors Snort® events
New Activeworx SMC Effectively Manages and Monitors Snort® events
SMC provides cost effective IDS tools to focus on identifying and responding to threats.
BOCA RATON, Fla. (January 30, 2007) -- CrossTec Corporation (http://www.crosstecsecurity.com/) has released Activeworx SMC -- a low cost, user friendly, solution for managing and monitoring Snort® IDS events and keeping Snort policies and rules up-to-date on sensors. With a combination of easy to understand graphs, charts, and event diagrams, and the ability to look at packet headers and payload data, Activeworx SMC provides vital tools necessary for an IDS administrator to focus on what’s important: quickly identifying and responding to interesting events.
Snort® IDS has become the most widely deployed intrusion detection technology worldwide. While most of the management tools available are limited, expensive, or difficult to use, Activeworx has introduced the new Snort Management Center (SMC), based on the full-blown security information and event management (SIEM) solution, Activeworx Security Center (ASC). Activeworx SMC is priced from $395 per sensor.
According to Jeff Richards, Vice President of CrossTec’s Security Division, “Activeworx SMC offers an affordable solution that provides unprecedented features for managing Snort® IDS events, such as customizable dashboards, detailed IDS reporting, interactive graphs, and event relationship diagrams.” Activeworx SMC also boasts complete IDS policy management including Snort policy updates, and it gives you the ability to push new Snort policies to sensors from a central location plus numerous ways to view, analyze, and manage snort events.
Activeworx SMC integrates tightly with the Snort® IDS event database to provide high valued information from existing Snort® IDS installations, without modifying the original database schema. Activeworx SMC includes Activeworx IDS Policy Manager V2, which has been the de facto standard for managing Snort policies on Windows since its initial release in 2000. According to Richards, “Whether it’s a new Snort installation, or one that has been in place for years, there has never been a more effective, less intrusive, and less expensive centralized management console for Snort.”
The integration of IDS Policy Manager into a Snort Event Management solution not only provides the ability to view, correlate, and report on Snort events, but it adds seamless IDS rule management and deployment. Administrators now have the ability to quickly view, disable or set suppression for a single rule on a single sensor, or to deploy a rule change to all Snort sensors, while viewing information about an event that is currently triggering, all within the same console view. IDS Policy Manager adds easy updates and deployment of Snort rules to the familiar Activeworx event management interface for more proactive management of all Snort® IDS installations.
For more information: http://www.crosstecsecurity.com/Products/ActiveworxSMC/tabid/82/Default.aspx
Wednesday, January 24, 2007
CrossTec Offers Free Asset Management Software with Purchase of CrossTec Remote Control
CrossTec Promotion Provides Free Asset Management Software with Purchase of CrossTec Remote Control
Limited time offer provides CrossTec Remote Control customers with free EMS Standard module
Boca Raton, FL (January 24, 2007) CrossTec Corporation http://www.crossteccorp.com/ announced a limited time special offer for network administrators and help desks. Customers who purchase CrossTec Remote Control TM will receive CrossTec EMS TM (Enterprise Management System) Standard at no additional charge. EMS Standard is an asset management solution that enables organizations to better manage network PC hardware and software inventory by providing in-depth reports and vital alerts.
According to Doug Taylor, CrossTec’s Vice President of Marketing, “EMS makes your job easier by instantly locating PCs which need to be upgraded, or which may have non-approved devices and software installed.” A wealth of information is provided by EMS reports for individual PCs, departments, or for an entire organization. EMS alerts users about recently installed or removed hardware which helps reduce theft. EMS Standard also reports on which applications are not being used on installed systems which will save money on license fees.
For more information: www.crossteccorp.com/ems/
Limited time offer provides CrossTec Remote Control customers with free EMS Standard module
Boca Raton, FL (January 24, 2007) CrossTec Corporation http://www.crossteccorp.com/ announced a limited time special offer for network administrators and help desks. Customers who purchase CrossTec Remote Control TM will receive CrossTec EMS TM (Enterprise Management System) Standard at no additional charge. EMS Standard is an asset management solution that enables organizations to better manage network PC hardware and software inventory by providing in-depth reports and vital alerts.
According to Doug Taylor, CrossTec’s Vice President of Marketing, “EMS makes your job easier by instantly locating PCs which need to be upgraded, or which may have non-approved devices and software installed.” A wealth of information is provided by EMS reports for individual PCs, departments, or for an entire organization. EMS alerts users about recently installed or removed hardware which helps reduce theft. EMS Standard also reports on which applications are not being used on installed systems which will save money on license fees.
For more information: www.crossteccorp.com/ems/
Monday, January 8, 2007
Running the SANS Top 5 Essential Log Reports with Activeworx Security Center
Many security organizations around the world are working hard to develop standards for
reporting with recommendations on what types of report can be most useful and for
whom. In the following section we will take the Top 5 Essential Log Reports as
recommended by the SANS Institute www.sans.org and see how ASC can effectively address these best practices with built-in and customizable reports.
Top 5 Essential Log Reports as recommended by SANS Institute:
1) Attempts to Gain Access through Existing Accounts
2) Failed File or Resource Access Attempts
3) Unauthorized Changes to Users, Groups and Services
4) Systems Most Vulnerable to Attack
5) Suspicious or Unauthorized Network Traffic Patterns
Creating valuable information from millions of system events can be an extremely
difficult and time consuming task. Particularly when these events are being generated on
disparate devices such as firewalls, IPS/IDS appliances or different server operating
systems the challenges are two fold. Firstly collecting all the data and then generating
valuable reports or analysis based on potentially millions of different events. As we shall
see in the following exercises the key to running these reports is, know what you are
looking for.
Activeworx Security Center (ASC) is designed to help you build intelligence and increase
the visibility of your network based on a large amount of seemingly unrelated security
events. This is most obvious and valuable when running reports either for compliance or
internal security analysis.
http://www.crossteccorp.com/whitepapers/resources/SANSTop5ReportsandASC1.pdf
reporting with recommendations on what types of report can be most useful and for
whom. In the following section we will take the Top 5 Essential Log Reports as
recommended by the SANS Institute www.sans.org and see how ASC can effectively address these best practices with built-in and customizable reports.
Top 5 Essential Log Reports as recommended by SANS Institute:
1) Attempts to Gain Access through Existing Accounts
2) Failed File or Resource Access Attempts
3) Unauthorized Changes to Users, Groups and Services
4) Systems Most Vulnerable to Attack
5) Suspicious or Unauthorized Network Traffic Patterns
Creating valuable information from millions of system events can be an extremely
difficult and time consuming task. Particularly when these events are being generated on
disparate devices such as firewalls, IPS/IDS appliances or different server operating
systems the challenges are two fold. Firstly collecting all the data and then generating
valuable reports or analysis based on potentially millions of different events. As we shall
see in the following exercises the key to running these reports is, know what you are
looking for.
Activeworx Security Center (ASC) is designed to help you build intelligence and increase
the visibility of your network based on a large amount of seemingly unrelated security
events. This is most obvious and valuable when running reports either for compliance or
internal security analysis.
http://www.crossteccorp.com/whitepapers/resources/SANSTop5ReportsandASC1.pdf
Subscribe to:
Posts (Atom)
