|
Details of the eXpert-BSM capabilities are available in the eXpert-BSM and
Graphical User Interface Manuals.
Download Documentation:
Advanced Capabilities:
SRI provides this release of eXpert-BSM as a stand-alone intrusion
detection system for Sun Microsystems Solaris operating systems
for use on a single host system for internal evaluation purposes
only. For more information regarding advanced features and technical
support, please contact
emerald-release@sdl.sri.com.
For those who would like to license this component for operational
deployment in multi-host, enterprise-wide deployments, we provide a
full-featured, advanced version of eXpert-BSM which includes the following
features:
-
Multi-host alert management - with additional components, users
can consolidate and analyze alerts from a suite of distributed
eXpert-BSM or other EMERALD monitors.
-
DBMS services - users can manage and view alerts from a distributed
suite of eXpert-BSM or other EMERALD monitors using our relational
database interface component. We currently support Oracle and Postgres.
Our Multi-host Database User Interface Manual [pdf], presents eAMI v1.3, which allows users to manage alerts from a suite of eXpert-BSM monitors deployed across a network of Solaris hosts.
-
Alert translation services - additional EMERALD components allow
users to translate EMERALD alert reports into a variety of binary
and ascii formats.
-
eResponder - a countermeasure invocation system, tightly coupled
with eXpert-BSM, which provides both automated and manual response
directive execution. [under development]
Value-added services from SRI: the EMERALD development team
can also be engaged for these additional services associated
with use of eXpert-BSM:
-
Consulting services - SRI can negotiate contracts for technical
support, consulting services, and feature extensions for use with
this and other EMERALD components.
-
Knowledge-base updates - licensed users will receive any updates
to the eXpert-BSM intrusion detection knowledge-base produced by SRI.
|
|