<?xml version="1.0" encoding="utf-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Recent changes to Home</title><link>https://sourceforge.net/p/snez/home/Home/</link><description>Recent changes to Home</description><atom:link href="https://sourceforge.net/p/snez/home/Home/feed" rel="self"/><language>en</language><lastBuildDate>Wed, 20 Mar 2019 23:49:09 -0000</lastBuildDate><atom:link href="https://sourceforge.net/p/snez/home/Home/feed" rel="self" type="application/rss+xml"/><item><title>Home modified by Gene Guinter</title><link>https://sourceforge.net/p/snez/home/Home/</link><description>&lt;div class="markdown_content"&gt;&lt;pre&gt;--- v2
+++ v3
@@ -1,12 +1,13 @@

+SNĒZ is a web interface to the popular open source IDS programs SNORT® and Suricata. It is written almost entirely in PHP, minimizing client and server software prerequisites. There is one  simple configuration screen with only a handful of parameters to set. This allows for SNĒZ to be dropped onto an IDS server with a minimum number of installation steps and program requirements.
+IDS output can be unified2 or JSON formats.

-SNĒZ is a web interface to the popular open source IDS program SNORT®. It is written entirely in PHP, minimizing client and server software prerequisites. There is one very simple configuration file with only a handful of parameters to set. This allows for SNĒZ to be dropped onto an IDS server with a minimum number of installation steps and program requirements.
+The main design feature of SNĒZ is the ability to filter alerts based on criteria set by, and documented by, a security analyst.   Alerts are viewed and summarized in different ways, filtered, and documented until ideally no alerts remain.   At any time, filters can be suppressed so that all collected alerts can be analyzed for patterns, forensics, etc. 

-The main design feature of SNĒZ is the ability to filter (or dismiss) alerts rather than require alerts to be deleted after review by the security analyst. At any time, filters can be ‘overridden’ so that all collected alerts can be analyzed for patterns, forensics, etc. Of course, the ability to delete filtered alerts is available.
-
-A main design criteria for SNĒZ is speed, obtained by eliminating nice-to-have but unnecessary features. For example, simple page forward and page backward is provided so that queries do not need to read the entire database to create page numbers. SNĒZ does not reformat or rewrite the IDS database, saving time.
+Filters can also be used to hide noisy alerts without deleting them or suppressing them at the IDS.  An effective strategy for dealing with noisy alerts can be achieved by combining alert thresholding at the IDS and filtering in SNEZ. 

 Basic security features include definition of regular analysts and administrators, an adjustable screen timeout, adjustable maximum sign-on attempts and lockout, and the ability to change passwords.

+
 SNORT® is a registered trademark of Sourcefire, Inc. All rights reserved.
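Review bot: the added line on noisy alerts spells the product "SNEZ" while every other line in this hunk uses "SNĒZ"; pick one spelling. The hunk also removes the sentence saying filtered alerts can be deleted and the whole paragraph on speed, with no replacement. If deletion and simple paging are still in the product, the page should keep saying so. "Written almost entirely in PHP" should name the non-PHP part, because the same sentence goes on to claim minimal prerequisites.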

&lt;/pre&gt;
&lt;/div&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Gene Guinter</dc:creator><pubDate>Wed, 20 Mar 2019 23:49:09 -0000</pubDate><guid>https://sourceforge.net1e98bc9e86039514e4cf1485b95c7115a6a445a5</guid></item><item><title>WikiPage Home modified by Gene Guinter</title><link>https://sourceforge.net/p/snez/home/Home/</link><description>&lt;pre&gt;--- v1 
+++ v2 
@@ -1,5 +1,12 @@
-Welcome to your wiki!
-
-This is the default page, edit it as you see fit. To add a page simply reference it within brackets, e.g.: [SamplePage].
-
-The wiki uses [Markdown](/p/snez/home/markdown_syntax/) syntax.
+
+
+SNĒZ is a web interface to the popular open source IDS program SNORT®. It is written entirely in PHP, minimizing client and server software prerequisites. There is one very simple configuration file with only a handful of parameters to set. This allows for SNĒZ to be dropped onto an IDS server with a minimum number of installation steps and program requirements.
+
+The main design feature of SNĒZ is the ability to filter (or dismiss) alerts rather than require alerts to be deleted after review by the security analyst. At any time, filters can be ‘overridden’ so that all collected alerts can be analyzed for patterns, forensics, etc. Of course, the ability to delete filtered alerts is available.
+
+A main design criteria for SNĒZ is speed, obtained by eliminating nice-to-have but unnecessary features. For example, simple page forward and page backward is provided so that queries do not need to read the entire database to create page numbers. SNĒZ does not reformat or rewrite the IDS database, saving time.
+
+Basic security features include definition of regular analysts and administrators, an adjustable screen timeout, adjustable maximum sign-on attempts and lockout, and the ability to change passwords.
+
+SNORT® is a registered trademark of Sourcefire, Inc. All rights reserved.
+
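Review bot: in the added paragraph on speed, "A main design criteria" pairs a singular article with a plural noun; "A main design criterion" or "One of the main design criteria" reads correctly. The two empty added lines at the top of the page can be dropped.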
&lt;/pre&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Gene Guinter</dc:creator><pubDate>Tue, 27 Sep 2011 12:40:43 -0000</pubDate><guid>https://sourceforge.net71634a03b8604083ba2d850e216d9b1072bdb130</guid></item><item><title>WikiPage Home modified by Gene Guinter</title><link>https://sourceforge.net/p/snez/home/Home/</link><description>Welcome to your wiki!

This is the default page, edit it as you see fit. To add a page simply reference it within brackets, e.g.: [SamplePage].

The wiki uses [Markdown](/p/snez/home/markdown_syntax/) syntax.
</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Gene Guinter</dc:creator><pubDate>Mon, 22 Aug 2011 22:26:42 -0000</pubDate><guid>https://sourceforge.neta8996683e86bd168bca5a557faf854dcfce28ceb</guid></item></channel></rss>