Event Monitoring Enabling Responses to Anomalous Live Disturbances

Details of the eXpert-BSM capabilities are available in the eXpert-BSM and Graphical User Interface Manuals.

Advanced Capabilities:

SRI provides this release of eXpert-BSM as a stand-alone intrusion detection system for Sun Microsystems Solaris operating systems, for use on a single host system for internal evaluation purposes only. For more information regarding advanced features and technical support, please contact emerald-release@sdl.sri.com. For those who would like to license this component for operational use in multi-host, enterprise-wide deployments, we provide a full-featured, advanced version of eXpert-BSM which includes the following features:

  • Multi-host alert management - with additional components, users can consolidate and analyze alerts from a suite of distributed eXpert-BSM or other EMERALD monitors.
  • DBMS services - users can manage and view alerts from a distributed suite of eXpert-BSM or other EMERALD monitors using our relational database interface component. We currently support Oracle and Postgres. Our Multi-host Database User Interface Manual [pdf] presents eAMI v1.3, which allows users to manage alerts from a suite of eXpert-BSM monitors deployed across a network of Solaris hosts.
  • Alert translation services - additional EMERALD components allow users to translate EMERALD alert reports into a variety of binary and ASCII formats.
  • eResponder - a countermeasure invocation system, tightly coupled with eXpert-BSM, which provides both automated and manual response directive execution. [under development]

Value-added services from SRI: the EMERALD development team can also be engaged for these additional services associated with use of eXpert-BSM:

  • Consulting services - SRI can negotiate contracts for technical support, consulting services, and feature extensions for use with this and other EMERALD components.
  • Knowledge-base updates - licensed users will receive any updates to the eXpert-BSM intrusion detection knowledge-base produced by SRI.
