Snare. The world standard for effectively gathering and filtering IT-event data for critical security monitoring, analysis, auditing and archiving.

Snare Server

Want to do something useful with your collected event log data? Want your data to be easily analysed within a web browser? With interactive reports, queries, alerts and objectives the Snare Server is what your business needs.


89655730_25a15142a8_z

The Snare Server is a Security Information and Event Management Solution (SIEM), developed in the security labs of the defense industry, that provides robust audit event collection, analysis, reporting and archival capabilities of IT security log data. It can collect from a variety of operating systems, services and applications and can receive event log data directly from Snare Enterprise Agents, Snare Epilog files (ascii text log file), syslog network devices such as routers, switches, firewalls and authentication servers.

While the Snare Server offers the facilities and features required by the most demanding IT environments, it is also a cost-effective solution. With its TCO (total cost of ownership) providing substantial economic value in terms of:

  • Cost to license.
  • Cost to install.
  • Cost to maintain.
  • Cost to run.
  • Cost to retain data.

To find out more, you can download our product summary videos, view our quick screen shot static demonstration or log into an online demonstration.

But in summary, let’s just note a random selection of some of the key overall Snare Server facilities.

  • Tailored Objectives: Ability to add, modify or remove specific clonable objectives that have their own configurations, access controls, and distribution settings. Over 100 different reports including administrative security, sensitive file monitoring and user login activity.
  • User/Group Administration: The Snare Server offers you the ability to restrict particular capabilities and reports to particular Snare Server users. It also allows integration with Active Directory for user authentication.
  • Email Reporting: Snare includes the ability to automatically email regular or adhoc reports to a list of users, at identified intervals (eg: daily, weekly, monthly). This provides security administrators with the capability to facilitate access to Snare reports, without providing a login to the Snare Server.
  • Configuration Checking: Snare can collect, view, and report on configuration related data reported by the various Snare Agents. Examples include User and Group information, or Lotus Notes Access Controls.
  • Agent Management Console: Ability to manage the Snare Agents configuration through the Snare Server interface. Agents also have the ability to filter events at the front-end, reducing the load on your network, and local disk via their custom objective settings.
  • Network Device Reporting: Snare can collect from a variety of Network devices that supports syslog. This includes all common enterprise Firewalls, Routers and Switches.
  • Click-Through Detailed Analysis of Logging Data: Users can drill through for more information in each objective to view more details on the data.
  • IOS Access Controls: IOS Access Controls can be checked against an authorized copy. Differences are visually highlighted.
  • CISCO Pix/ASA Firewall Reporting: CISCO Pix/ASA Firewalls, CISCO Routers, and other similar devices that use IOS, can report to the Snare Server.
  • Reflector technology allows collected events to be sent in real time to muliple destinations, such as failover/backup Snare Server or 3rd party collection system.
  • Compliance reporting. The Snare Server comes with many template objective reports to assist businesses with their compliance with PCI DSS, SOX, HIPPA and other standards. These can be customised to suit the local reporting needs.

Event and Log Sources

The Snare Server provides a centralized logging collection, analysis, reporting and archival capability for a variety of operating systems, appliances, and servers, including:

Templated access and reports for the following systems:

ACF2
RACF
CISCO Routers / IOS
CISCO 6500 Firewall
CISCO Pix/ASA Firewall
CyberGuard Firewall
CheckPoint Firewall 1
Gauntlet Firewall
Netgear Firewall
Netgear Router
Netscreen Firewall
Nortel VPN devices
IPTables Firewall
MAC OSX
Microsoft ISA Server
Microsoft IIS Server
Microsoft FTP Server
Microsoft Exchange Server
Microsoft Chat Server
Microsoft Proxy Server
Apache
Squid
Point of Sale terminals (POS)
Lotus Notes
Snort NIDS
IBM Socks Server
Universal Log Format
Generic Syslog Data from any other syslog device

Documentation

View the Snare Server User Guide.


Screenshot Tour

Click on a screenshot to expand the image. For more detailed information, please look at the Snare Server Demonstration, or feel free to Contact Us with any questions.

WP-Backgrounds Lite by InoPlugs Web Design and Juwelier Schönmann 1010 Wien