IDS Filter & Connector
ipLegion Modules
IDS Filter & Connector is the ipLegion platform module that correlates the information collected from IDS devices with the findings of the ipLegion Vulnerability Assessment module, both deployed in the enterprise network. Combining the two sources reduces the number of false positives and gives an easier, more effective global view of the whole network, highlighting only the attacks that can actually cause damage (those aimed at a vulnerability the target really has).
IDS Filter & Connector is formed by:
ipLegion IDS Agent
It moves data from IDS devices to the module's central database.
ipLegion Event Manager
It correlates the information received from the agents and combines it with data from the ipLegion platform.
IFC Database
It stores all information produced by the module.
We built a system of multiple correlations to compensate for the lack of references between events and the public vulnerability databases (CVE, Bugtraq, etc.) that is typical of Intrusion Detection Systems: when an alert does not carry a usable vulnerability identifier, the module falls back on other attributes of the alert and of the assessed host to decide whether the event matters.
The data-processing engine is backed by a web interface, the ipLegion Analysis Console, integrated into the ipLegion platform; it helps the network administrator analyse the correlation between IDS devices and the VA system through several views and an effective data-filtering structure.
ipLegion IDS Agent: Features
- It reads IDS device data in several formats, including Unix domain sockets and database connections.
- It normalises (cleans up) the information coming from the IDS devices.
- It pre-processes the information before sending it to the Event Manager.
ipLegion IDS Event Manager: Features
- It correlates IDS alerts with the vulnerabilities identified by the ipLegion Vulnerability Assessment module, through:
- simple correlation
- multicorrelation of alerts
- It keeps an in-memory cache of the information provided by the ipLegion Vulnerability Assessment module, reducing both the computing load and the network traffic caused by repeated lookups.
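The following script is an added illustration of the correlation logic described above (the "simple correlation" and "multicorrelation" steps, the fallback for alerts lacking CVE/Bugtraq references, and the in-memory cache of VA findings). It is not ipLegion code and does not reproduce the product's real rules: the matching order, the verdict names, and the Alert/Vuln record layouts are assumptions made for the example, and every host, port, signature and CVE/BID identifier in the sample data is constructed, not a real advisory.

```python
"""Correlate IDS alerts with vulnerability-assessment (VA) findings.

Added illustration, not ipLegion code. All hosts, ports, signatures and
CVE/BID strings below are constructed; the identifiers are hypothetical.
"""
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Alert:
    alert_id: int
    src: str
    dst: str
    dport: int
    signature: str
    refs: tuple = ()          # references attached by the IDS, e.g. ("CVE-...",)


@dataclass(frozen=True)
class Vuln:
    host: str
    port: int
    service: str
    cve: str
    bids: tuple = ()          # Bugtraq IDs the VA scanner cross-references


class VaCache:
    """Index of VA findings built once in memory, so per-alert lookups
    never go back to the VA database or across the network."""

    def __init__(self, vulns):
        self.cves_by_host = {}
        self.service_by_host_port = {}
        self.bid_to_cve = {}
        for v in vulns:
            self.cves_by_host.setdefault(v.host, set()).add(v.cve)
            self.service_by_host_port[(v.host, v.port)] = v.service
            for b in v.bids:
                self.bid_to_cve[b] = v.cve


def correlate(alert, cache):
    """Return (verdict, reason) for one alert.

    simple correlation: the alert names a CVE the VA found on the target.
    multicorrelation:   no direct CVE hit, so (1) translate Bugtraq IDs on
                        the alert to CVEs through the VA cross-references,
                        then (2) for alerts with no usable reference at all,
                        match target host/port against a VA finding whose
                        service name appears in the alert signature.
    filtered:           nothing on the target supports the alert.
    """
    on_target = cache.cves_by_host.get(alert.dst, set())
    if not on_target:
        return "filtered", "target has no VA findings"

    # simple correlation: direct CVE reference present on the target
    alert_cves = {r for r in alert.refs if r.startswith("CVE-")}
    hit = alert_cves & on_target
    if hit:
        return "confirmed", "direct CVE match " + sorted(hit)[0]

    # multicorrelation step 1: Bugtraq -> CVE via the VA data itself
    bid_cves = {cache.bid_to_cve[r] for r in alert.refs if r in cache.bid_to_cve}
    hit = bid_cves & on_target
    if hit:
        return "confirmed", "Bugtraq reference maps to " + sorted(hit)[0]

    # a reference we understood did not match: the target is not vulnerable
    if alert_cves or bid_cves:
        return "filtered", "referenced vulnerability not present on target"

    # multicorrelation step 2: no usable reference, use host/port + service
    service = cache.service_by_host_port.get((alert.dst, alert.dport))
    if service and service.lower() in alert.signature.lower():
        return "probable", f"{service} finding on {alert.dst}:{alert.dport}"
    return "filtered", "no finding on target port"


def run(alerts, vulns):
    """Build the cache once, then correlate every alert. Returns
    {alert_id: (verdict, reason)}."""
    cache = VaCache(vulns)
    return {a.alert_id: correlate(a, cache) for a in alerts}


def pair_summary(alerts, results):
    """Count surviving (non-filtered) alerts per source/destination pair,
    the kind of roll-up a console view would show."""
    counts = Counter()
    for a in alerts:
        if results[a.alert_id][0] != "filtered":
            counts[(a.src, a.dst)] += 1
    return counts


# Constructed sample data (hypothetical hosts and identifiers).
SAMPLE_VULNS = [
    Vuln("10.0.0.5", 80, "apache", "CVE-2000-0001", ("BID-1001",)),
    Vuln("10.0.0.5", 22, "ssh", "CVE-2000-0002"),
    Vuln("10.0.0.7", 445, "smb", "CVE-2000-0003", ("BID-1003",)),
]
SAMPLE_ALERTS = [
    Alert(1, "192.0.2.10", "10.0.0.5", 80, "WEB apache chunked overflow", ("CVE-2000-0001",)),
    Alert(2, "192.0.2.10", "10.0.0.7", 445, "SMB overflow", ("BID-1003",)),
    Alert(3, "192.0.2.10", "10.0.0.5", 80, "WEB IIS unicode traversal", ("CVE-2000-0009",)),
    Alert(4, "192.0.2.11", "10.0.0.5", 22, "SSH version probe"),
    Alert(5, "192.0.2.11", "10.0.0.9", 80, "WEB apache chunked overflow", ("CVE-2000-0001",)),
    Alert(6, "192.0.2.11", "10.0.0.5", 443, "WEB ssl probe"),
]

if __name__ == "__main__":
    verdicts = run(SAMPLE_ALERTS, SAMPLE_VULNS)
    for aid, (verdict, reason) in sorted(verdicts.items()):
        print(aid, verdict, reason)
    print(pair_summary(SAMPLE_ALERTS, verdicts))
```

Alert 3 is the classic false positive this kind of module removes: the IDS signature fires against a host that has findings, but not the one the signature refers to. Alert 4 shows the fallback path for a signature with no reference at all, which can only ever reach "probable"; whether such alerts are shown or hidden is a policy choice the console's filters would expose.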
ipLegion IDS Analysis Console: Features
- Web administration interface for alert groups.
- Filter system for IDS reports.
- Summary graphs.
- Chronological and summary views by IP pair (source/destination) and by alert type.