Sistemas De Deteccion De Intrusos

SISTEMAS DE DETECCIÓN DE INTRUSOS

eEye® Retina®

Abstract

Retina Network Security Scanner provides vulnerability management and identifies known and zero day vulnerabilities, plus provides security risk assessment, enabling security best practices, policy enforcement, and regulatory audits.

Features

Network Security Scanner

Enables prioritized policy management, patch management, and vulnerability management.

Network Vulnerability Assessment

Identifies network security vulnerabilities, missing application updates, and zero day threats.

Network Discovery and Policy Assessment

Discovers all devices, operating systems, applications, patch levels, and policy configurations.

Vulnerability Management

Enables prioritized policy management, patch management, and vulnerability assessment.

Fast and Accurate Scans

Accurately scans a Class C network of devices, operating systems and applications in ~15 minutes

Policy Compliance

Identifies and simplifies corporate and regulatory requirements (SOX, Health Insurance Portability and Accountability Act of 1996 (HIPAA), Gramm-Leach-Bliley Act of 1999 (GLBA), Payment Card Industry (PCI) and others).

eEye Retina

Type HIDS

Operating System Windows

Hardware Required

Licence Comercial

NIAP Validated True

Common Criteria EAL2

Developer eEye Digital Security

URL http://www.eeye.com/html/Products/Retina/index.html

IBM® RealSecure® Server Sensor

Abstract

IBM RealSecure Server Sensor provides automated, real-time intrusion protection and detection by analyzing events, host logs, and inbound and outbound network activity on critical enterprise servers in order to block malicious activity from damaging critical assets. RealSecure Server Sensor applies built-in signatures and sophisticated protocol analysis with behavioral pattern sets and automated event correlation to help prevent known and unknown attacks.

Benefits

Server protection

Designed to protect the underlying operating system by helping prevent attackers from exploiting operating system and application vulnerabilities.

Web application protection

Provides SSL encrypted application layer intrusion monitoring, analysis, and response capability for both Apache and IIS Web servers.

Advanced intrusion prevention/blocking

Monitors all traffc to and from the server or network in order to detect and prevent inbound attacks as well as block new and unknown outbound attacks such as buffer overflows, Trojans, brute force attacks, unauthorized access and network worms.

Console and network intrusion protection

Provides the flexibility to detect and prevent both console and network-based attacks through log monitoring capabilities that detect malicious activity before it causes any damage.

Broad platform coverage

Provides you with the flexibility to grow their server protection strategy regardless of the environment: Windows, Solaris, HP-UX, AIX® and Linux.

Windows Server 2003 and Windows 2000 Server Certified

This rigorous test is endorsed for business-critical applications by analysts and enterprise customers alike because it verifies features and functionality that make applications more robust and manageable.

Audit policy management

Centralized management of operating system audit policy helps ensure that all critical servers have

...