CounterSnipe APS v4.0.3

Powered by SC Magazine
 

A combination of intrusion prevention software, host/application discovery, vulnerability detection and intelligent alert management.

CounterSnipe Active Protection Software (APS) provides network-based intrusion prevention security. The APS from CounterSnipe is a combination of intrusion prevention software, host/application discovery, vulnerability detection and intelligent alert management.

The solution is delivered as software and needs to be installed on a Linux-compatible server. The process to fully load and configure the server took about 30 minutes, but it was very easy and did not require substantial Linux expertise as the product is downloadable as a Debian ISO that the admin uses to create a bootable CD. Booting to the CD starts the fully automated process of loading the operating system and application, which gives way to a menu-driven configuration interface for setup.

The software includes Snort as the IDS engine and detects and compares the network traffic with a constantly updated database of IDS/IPS, spyware and malware signatures. As with Snort, admins have various alerting and remediation options available. These actions range from dropping or rejecting traffic (close the connection) to alerting to the presence of the malicious packets. A total of nine different actions are available to provide admins with a truly flexible incident response.

A web-based user interface is used for management and configuration of the sensors. The interface provides a console dashboard and config bar for navigating between devices, classifications, alerting and signature management.

Support can be purchased for 20 or 25 percent of the purchase price and includes hourly updates. We did not find any description of what was covered under support on the website. Documentation was fairly sparse but gave us enough to run through the setup.

There is definitely a place for this technology. If one without a large budget has an environment that requires the deployment of dozens of sensors, this is a very nice alternative to going without protection.

See the original article on scmagazineus.com.

Copyright © SC Magazine, US edition


CounterSnipe APS v4.0.3
 
Features:
Ease of Use:
Performance:
Documentation:
Support:
Value for Money:
Overall Rating
Product Info
Price when reviewed:
500
 
 
 
Top Stories
Five zero-cost ways to improve MySQL performance
How to easily boost MySQL throughput by up to 5x.
 
The big winners from Defence’s back-office IT refresh
Updated: The full list of subcontractors.
 
Tracking the year of CIO churn
[Blog post] Who shone through in 12 months of disruption?
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  68%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  12%
TOTAL VOTES: 1007

Vote