Demarc Sentarus 5
Highly configurable intrusion detection, clear reporting, Snort NIDS.
Despite being a top-quality intrusion detection/prevention and vulnerability assessment appliance, this might not suit the smaller SME in terms of complexity and price.
If you are looking for a mature, well designed NIDS system with added functions, look no further, but if you were looking for a simple, all-in-one security fix, this will probably not meet your needs.
Sentarus, Demarc's flagship product, combines a range of security solutions within its rack-mountable chassis, but its main function is intrusion detection and detailed report generation.
Featuring advanced network intrusion detection, host intrusion detection, intrusion prevention, monitoring, application and process regeneration, as well as assessment of vulnerabilities, it is clear where Demarc's priorities lie.
The idea is to present the myriad of information in a straightforward management interface.
The deployment of Sentarus is designed to be completely scalable. You can install a single management console, which includes an integrated network sensor, and should your network expand, then additional sensors can be added when required.
The basic network intrusion detection engine is based on an enhanced version of the popular and respected open-source intrusion detection system Snort. This sits on a hardened version of Linux.
The management interface is highly configurable, and includes features such as the ability to investigate security attacks.
And while many of the tools are relatively standard – port mapping and traceroute, for example – it is useful to have them immediately available through the console. Full packet capture capabilities also allow you to view an entire attack on your network at a later time.
The console also comes with a rule editor, so that, whatever your level of expertise, you will be able to configure the product to a high level of security.
As well as intrusion detection and prevention, the Sentarus takes network monitoring seriously in order to protect your network from inadvertent outages. The list of checks is comprehensive.
Demarc has also seen fit to tackle potential security issues at the host level and, through a combination of methods, can be configured to ensure user privileges are not wrongly changed and sensitive file access rights are as they should be.