GFI EventsManager Listing updated: March 27, 2009

GFI EventsManager is an award-winning events monitoring, management and archiving solution, that supports a wide range of event types such as W3C, Windows events, Sylogs and SNMP traps generated by devices such as firewalls, routers and sensors.

GFI EventsManager uses event processing and filtering technologies to identify key events out of the box. Advanced event processing rules allow you to filter out unwanted/trivial events and generate alerts on key issues. GFI EventsManager provides real-time alerting when critical events arise, suggests remedial actions and if applicable triggers corrective actions by automatically launching scripts and executable files. The built-in processing rules provided with the product, add significant value to its functionality aspects, because the information is very difficult to find and requires levels of expertise which are not necessary available to end users.

A free, fully functional, 30-day trial is available for download on our website.

• Company: GFI Software
• URL: www.gfi.com
• Email: info@gfi.com
• Screenshot: click here

• Users' Rating: 3.94 [199 votes] - Vote
• Comments: 0 comments - Post

SecurityManager Listing updated: December 5, 2007

SecurityManager employs active and passive remediation for intrusion detection and policy violations. It imposes a Separation of Duties, and enables object locking to ensure 24x7 protection and compliance. Security Manager provides a graphical dashboard highlighting all risk areas so you instantly know about system vulnerabilities before a security breach occurs. With Security Manager you can enforce, track, and report on security policies in real time – all from a single client.

• Company: Business Intelligence 101
• URL: www.bi101.com
• Email: sales@bi101.com
• Screenshot: click here

• Users' Rating: 5 [6 votes] - Vote
• Comments: 0 comments - Post

DirectoryLockdown Listing updated: January 31, 2007

DirectoryLockdown helps protect the directory from "rogue administrators" who assume the rights of highly trusted enterprise administrators in an attempt to subvert the system. Count on DirectoryLockdown to: Reduce the security risks associated with domain administrators acting maliciously. Reduce the security risks associated with domain administrators operating at remote or regional locations. Alert administrators to the possible corruption of Configuration and Schema information so that the corruption can be stopped in its tracks and more.

Key Features: Monitors objects in the Configuration and Schema NCs on DCs 24x7; Detects unauthorized changes to Configuration and Schema NCs on DCs; Alerts network management when a modification to the Configuration or Schema NC occurs on a DC; Prevents the replication to and from the comprised DC by quarantining it; Monitors domain controllers and sends alerts when they are unexpectedly taken offline; Offers flexible response options: (1) Complete response and (2) Alert-Only response; Includes a recovery utility to quickly restore a downed DC; Integrates with MOM (Management Pack) and HP OpenView Operations for Windows (Smartlink)

• Company: Business Intelligence 101
• URL: www.bi101.com
• Email: sales@bi101.com

• Users' Rating: no votes - Vote
• Comments: 0 comments - Post

Security Center Listing updated: July 13, 2006

Security Center is network security software for real-time intrusion detection and prevention. It has a built-in real time scanner that monitors network activity and ranking the threat and vulnerability level of each discovered node.

Security Center key features are: Provides online network discovery, Automatic threat and vulnerability discovery, Enables online nodes display for analyzing network connections and transmission rate, Enables manual or automatic protection against potential intruders, Enables proactive blocking of network nodes based on their MAC address, IP address or computer name, Enables proactive blocking of networks nodes based on their threat level, Support wireless intrusion detection and prevention, Collects network status and protection alerts, Enables alerts forwarding, Email alerts forwarding and SNMP traps alerts forwarding, Provides threats and vulnerabilities reports, Support database exporting capabilities. The Lite version supports up to 100 nodes.

• Company: Lan-Secure
• URL: www.lan-secure.com
• Email: support@lan-secure.com
• Screenshot: click here

• Users' Rating: 4.9 [79 votes] - Vote
• Comments: 0 comments - Post

KFSensor Listing updated: July 13, 2006

KFSensor is a Windows based honeypot Intrusion Detection System (IDS). It acts as a honeypot to attract and detect hackers and worms by simulating vulnerable system services and trojans. By acting as a decoy server it can divert attacks from critical systems and provide a higher level of information than can be achieved by using firewalls and NIDS alone.

KFSensor is designed for use in a Windows based corporate environment and contains many features such as remote management, a Snort compatible signature engine and emulations of Windows networking protocols. With its GUI based management console, documentation and low maintenance, KFSensor provides a cost effective way of improving an organization's network security.

• Company: KeyFocus Ltd.
• URL: www.keyfocus.net
• Email: press@keyfocus.net
• Screenshot: click here
• Price: $990

• Users' Rating: 4.4 [15 votes] - Vote
• Comments: 0 comments - Post

ThreatSentry Listing updated: January 18, 2006

ThreatSentry is a Host Intrusion Prevention software application (HIPS), designed to protect Windows Web servers running Microsoft Internet Information Services (IIS). ThreatSentry is comprised of two components. The first is an Application Firewall, pre-configured with a knowledgebase of known exploitive techniques and attack characteristics. Administrators can establish explicit guidelines for permissible and/or denied activity. The application firewall is coupled with a neural-based Behavioral Engine that organizes server requests into a multi-dimensional baseline of typical system activity. Each server connection is scrutinized by the rule-set configured in the application firewall and the behavioral baseline to identify and take action against any activity falling outside trusted parameters. ThreatSentry’s intrusion prevention capabilities progressively improve as the baseline evolves automatically or based on input from the system administrator.

• Company: Privacyware
• URL: www.privacyware.com
• Email: info@privacyware.com
• Price: $399 per server

• Users' Rating: 4.64 [61 votes] - Vote
• Comments: 6 comments - View / Post

Intrusion SecureNet IDS/IPS Listing updated: May 2, 2005

Using pattern matching for performance and protocol decoding to detect intentional evasion and polymorphic or patternless attacks, as well as protocol and network anomalies before a new attack has a signature created, the SecureNet System can help protect networks and information assets.

• Company: Intrusion Inc.
• URL: www.intrusion.com
• Email: sales@intrusion.com
• Screenshot: click here
• Price: $5000

• Users' Rating: 3.62 [8 votes] - Vote
• Comments: 0 comments - Post

serverM Host Based Intrusion Detection System Listing updated: October 14, 2004

port80’s serverM intrusion detection system monitors your Windows servers and desktops for symptoms of unauthorised computer access, and computer misuse.
serverM uses a rules-based language that enables you to translate your organisation's security policy into a monitoring and intrusion prevention system.

• Company: port80 limited
• URL: www.port80.com
• Email: support@port80.com
• Price: $199 for single server license

• Users' Rating: 4.2 [10 votes] - Vote
• Comments: 0 comments - Post

Enterasys Dragon Host Sensor Listing updated: August 11, 2003

A host-based intrusion defense tool, Dragon Host Sensor monitors individual systems and applications, including today’s most common operating systems, for evidence of malicious or suspicious activity in real time, and monitors key system logs for evidence of tampering. Dragon Host Sensor may be deployed on a protected host or on a dedicated analysis system where logs are forwarded from switches, firewalls, routers and other IDSs and aggregated via SNMP or syslog. Dragon Host Sensor uses a variety of techniques to detect attacks and misuse on a protected system, including analyzing the security event log, checking the integrity of critical configuration files, or checking for kernel level compromises. This hybrid approach ensures that no misuse goes undetected.

• Company: Enterasys Networks, Inc.
• URL: www.enterasys.com
• Email: sales@enterasys.com

• Users' Rating: 4.57 [14 votes] - Vote
• Comments: 0 comments - Post

Entercept Listing updated: October 11, 2002

Entercept provides protection for enterprise servers and applications. Using an extensive intrusion dictionary and an exclusive behavior model, it can identify and stop generic and specific intrusions giving companies protection at the operating system level. The Entercept attack database consists of the following types of attack recognition capability: Known Attack Prevention, Unknown Attack Prevention via it's powerful behavioral rules, Buffer Overflow Exploit Prevention, Resource Protection by locking down the critical system resources, Prevention of Privilege Elevation. Features include: Proactive attack response allowing Entercept to block malicious actions before any damage is done - Preconfigured policy template, including full customization options - Security events can generate email messages, create pager notifications, send SNMP traps, and spawn custom processes - SNMP trap data available for integration with management systems - Built-in management reporting, including log information export capability.

• Company: Network Associates Technology, Inc.
• URL: www.mcafee.com
• Email: ordersupport@mcafeeasap.com

• Users' Rating: 4.25 [12 votes] - Vote
• Comments: 0 comments - Post