[Snort-users] Advice on Enterprice wide IDS

Patrick Marquetecken patrick.marquetecken at ...1187...
Thu Oct 21 00:12:10 EDT 2004


At work i need to setup a Enterprice wide IDS, with a sensor before the firewall, sensors in our different DMZ zones and one in the lan. And for more then one site. All the logs of these sensors must come to one Admin console.
Whats is the best way for configuring this, logging local and let barnyard send the information to the central server ?

We would like to use openaanval to see "realtime" logging and do some daily and weelky reporting.

All advice is welcom.

More information about the Snort-users mailing list