MITRE - Our Work - Technical Papers - 2006 - Snort Management System: Managing Multiple Snort Instances on Many Systems

	Overview
	Acquisition and Systems Analysis
	Airspace Development, Safety, Security
	Command and Control
	Cybersecurity
	Emerging Technologies
	Enterprise Systems Engineering
	Global Networking
	Healthcare Transformation
	Homeland Security
	Intelligence, Surveillance, Reconnaissance
	Large-Scale Enterprise Transformation
	MITRE Research Program
	Technology Transfer Office
	Technical Papers

Home > Our Work > Technical Papers >

Snort Management System: Managing Multiple Snort Instances on Many Systems

December 2006

Andy Bair, The MITRE Corporation

ABSTRACT

The snort management system enables engineers to efficiently manage and deploy small and/or large production snort environments. This system employs the open-source WebJob framework and several other open-source technologies including: oinkmaster, rsync, snort, and ssh. The system is designed to minimize the workload involved in managing the snort rules and related snort configuration files, while maintaining a high degree of security and robustness. A secondary goal of this system is to advance the open-source methodology for managing a large number of snort instances in an enterprise environment. This article describes how the system functions, and it further discusses the advantages and disadvantages of the solution.

» Download Paper [PDF, 448KB]

Additional Search Keywords

N/A

Page last updated: January 3, 2007 | Top of page

	Serving as Architects of Information Advantage.™ Copyright © 1997-2008, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.
	Privacy Policy \| Contact Us