|
Dragon Host Sensor - Complete package - 1 user - AIX at Backoffice
Dragon Host Sensor - Complete package - 1 user - AIX DSHSS-AIX
|
This product is no longer available.
|
A host-based intrusion detection tool, Dragon Host Sensor monitors individual systems and applications, including today's most common operating systems, for evidence of malicious or suspicious activity in real time, and monitors key system logs for evidence of tampering. Dragon Host Sensor may be deployed on a protected host or on a dedicated analysis system where logs are forwarded and aggregated via SNMP or syslog. Dragon Host Sensor uses a variety of techniques to detect attacks and misuse on a protected system, including analyzing the security event log, checking the integrity of critical configuration files, or checking for kernel-level backdoors. This hybrid approach ensures that no misuse goes undetected in an environment where there is a high degree of variance in the kinds of attacks that are launched against a system. Dragon Host Sensor is able to monitor and analyze the output from most commercial firewalls. Correlating events from firewalls and from Dragon Network and Host Sensors is critical in identifying which events are the most serious, as well as understanding their origin and impact. In addition, Dragon Host Sensor monitors the most commonly attacked applications - such as DNS servers, mail servers, and web servers, including Microsoft IIS. Dragon Host Sensor can also monitor a local system for new services, which is essential in identifying backdoors or unauthorized applications that may have been installed via an "out-of-band" attack or worm.Using non-conventional techniques to identify attempted intrusions or general misuse, the host sensor can be installed on a dedicated system to create a "honeypot" server designed to entice an alarm on attempted intrusions by simulating a fake web server, telnet server, or mail server. In addition Dragon Host Sensor deploys advanced techniques in identifying root-kits and buffer overflows via its kernel-monitoring module. This module traps and analyzes all calls into the kernel and can identify the existence of any kernel-level root-kit - both known and new. It can also identify anomalous privilege escalations/states resulting from successful buffer overflows. Dragon's kernel monitoring capabilities are an essential building block on the path to host-based intrusion prevention - failure to implement this step leaves the host open to attacks that other intrusion prevention solutions cannot detect. Centrally managed via Dragon Enterprise Management Server for signature and configuration updates, Dragon Host Sensor also reports all information - including event description, source/destination IP, source/destination port, raw log (if applicable) and timestamp - to the Security Information Management functionality within Dragon Management Server for forensic and trend analysis.Product Description | Dragon Host Sensor - complete package | Category | Security applications | Subcategory | Security - data encryption, security - intrusion and vulnerability detection, security - VPN software | License Type | Complete package | License Qty | 1 user | License Pricing | Standard | Platform | AIX | OS Required | IBM AIX 4.3.3, IBM AIX 5.1 or later |
GENERAL |
Category | Security applications |
Subcategory | Security - data encryption, security - intrusion and vulnerability detection, security - VPN software |
SOFTWARE |
License Type | Complete package |
License Qty | 1 user |
License Pricing | Standard |
Platform | AIX |
SYSTEM REQUIREMENTS |
OS Required | IBM AIX 4.3.3, IBM AIX 5.1 or later |
|
|
|