S.A.F.E (Snort Analysis Front End)
The Snort Analysis Front-End software allows you to connect both internally and externally while keeping implementation so simple it's like adding a website to your web services.
With any difficulty eliminated, accurate reporting, neat configuration, and additional administration tools in place, S.A.F.E. takes Snort analysis to an industry high at an industry-low price!
S.A.F.E. (Snort Analysis Front End) is built around the best open source intrusion detection engine, Snort.
Home Page: The Home Page is like a dashboard with enough detail for a quick snapshot of activity from your Snort sensors.
What is displayed on Home Page?
Graphical displays include:
- Event History for last hour
- Top 20 signatures for last hour
- Top 10 intruders for last hour
System Information (only for Linux Installs)
- Shows system up time
- Memory usage
- Drive space
Main Menu
- Reports
- Event List
- Event Log
- Graphs
- Configuration
- Tools
Search at the Top.
- Ability to search on keywords. The search queries the database for that keyword.
Reports Page:
This is the page to generate all of your reports. Once reports are generated, they can be exported to an HTML or CSV file and emailed.
Event List Page:
This page displays all of the events in the database. You can customize the display by selecting a specific signature, source IP, destination IP, or sensor. There is also an option to set the number of events displayed on the page. The default is 25, but it can be configured up to 100.
Linkable fields: ID, Source Address, Destination Address.
- ID: when clicked, brings up the details for that event.
- Source Address: when clicked, brings up all events that contain this address as the source.
- Destination Address: when clicked, brings up all events that contain this address as the destination.
Event Details Page:
When you click on the Event ID on the Event List page, you will be taken to the Event Details page.
This page displays all of the packet decode information for the triggered signature.
The source IP address is linkable; when clicked, it brings you to the Tools page.
Event Log Page:
The event log page can be considered the “display everything” page. This page displays all events for all sensors. The page is also auto refreshing. Nothing is linkable on this page.
Graphs Page:
The graphs page will help you generate graphs of events.
These are your options:
- Event History
- Top Signatures
- Top Intruders
- Top Targets
As with all previous pages, the links on the right will populate the associated fields on the left.
Configuration Page:
This is the page for all of the required settings. You can leave most settings at their defaults, except for the mail server settings. For those, you will need to enter your own ISP mail server information.
Tools Page:
The Tools page is a set of utilities Alkasis thought would be handy for any security professional.