Intrusion Prevention and Detection: Securing Information - Essay Example

Top of Form Grid for SLPs     Software Products Brief of the program and what it claims to do Specific business needs being addressed by program and value delivered by itYour reasons why you decided to check it out (first impression)Your overall evaluation of it, to the degree that you can judge; is it something youd use?  Why? (Please comment also on the effectiveness of the demo itself)Symantec Host Intrusion Detection and Prevention Solutionhttp://www.symantec.com/press/2003/n030623a.htmlhttp://www.symantec.com/connect/articles/multi-layer-intrusion-detection-systemsSymantec Host IDS improves the safety of critical server platforms all through the business by offering real-time intrusion detection as well as new proactive intrusion hindrance.

It presents innovative procedure for management of capabilities that jointly offer an efficient and non-intrusive prevention solution to prevent threats like that buffer overflow attacks as well as Trojan horse attacks. To cut the price of ownership, Symantec Host IDS is integrated with the Symantec Security Management System, which is an administration structure that offers frequent data collection, logging as well as reporting intended for Symantec and third-party products. Symantec Host IDS also presents wide platform support like for Windows 2000, Windows XP, Windows NT, Solaris 8 as well as for Solaris 9 and the capability to co-exist by means of Symantecs previous host-based IDS, Intruder Alert 3.

6, to offer a singular sight into IDS security proceedings. Symantec Host IDS is extremely scalable as well as simply handled from a single administrative platform. Administrators are able to produce and organize monitor policies; gather and archive audit logs intended for incident analysis and reporting, as well as automatically receive the newest intrusion signatures in the course of a central management console. Security Task Managerhttp://www.snapfiles.com/Shareware/security/swsecuritytools.

html http://www.snapfiles.com/get/securitytask.htmlSecurity Task Manager offers an enhanced security risk rating that is foundational upon the analysis that takes diverse aspects of the procedure into consideration, as well as points out the probability of the procedure being potential spyware, malware or a Trojan. This sign is simply foundational upon generic analysis, as well as does not utilize some signature files, so it is open to interpretation through the (advanced) user.Security Task Manager is an improved task manager that offers higher information concerning programs as well as procedures operational on the computer.

It exhibits the entire standard information, comprising file name, directory path, explanation, CPU handling etc. in addition a unique security risk rating.Security Task Manager offers a security displays that include start time, the icon of the procedure, hidden functions as well as more. It is able to identify virtual driver software, services and BHOs or procedures hidden from the Windows task manager. In case of Security Task Manager we are able to terminate some procedure, delete it, or alternately quarantine it that will disable it from running again without in fact deleting it.

Extra information is offered by means of context sensitive Google results. In addition, we are able to customize risk ratings through adding our own comments. OSSEChttp://www.ossec.net/main/getting-started-with-ossec/OSSEC is an Open Source Host-based Intrusion Detection System. It carries out log analysis, policy monitoring, file integrity checking, real-time alerting, rootkit detection as well as active response.OSSEC offers a simplified centralized administration server to handle policies across numerous operating systems.

In addition, it lets customers describe server specific overrides intended for finer grained policies. OSSEC allows customers put into practice a complete host foundational on the intrusion detection system by means of fine grained application/server related policies across numerous platforms like that Solaris, Linux, HP-UX, AIX, BSD, Mac, Windows as well as Vmware ESX.OSSEC is a complete platform to monitor as well as control the systems. It combines jointly all the aspects of HIDS (host-based intrusion detection), log monitoring as well as SIM/SIEM jointly in an easy and powerful and open source solution.

In addition, it is also completely supported by Trend Micro.Summary and conclusions from a user and organizational level In this overall analysis I have analyzed that Symantec Host Intrusion Detection and Prevention Solution is the most effective solution for the management and handing of small to large business platforms. It offers a lot of security features and protection parameters those can easily secure and protect business and corporate communication and working arrangement. Cumulative learning I have assessed that protecting corporation is not a single task.

It includes a set of activities those work in a combined way in order to offer better management of security and protection for the business and for the corporations.