Marketplace Gateway Intrusion Detection

Intrusion Detection

The Intrusion Detection app is the cornerstone of security for any size network. The app uses the highly regarded Snort engine to perform real-time traffic analysis and packet logging on Internet Protocol (IP) networks. The app can help identify, log and stop (using the IPS plugin) external attack vectors targeting the network (fingerprinting, buffer overflows, brute force authentication etc.). The app contains over 1000 known attack vector signatures with another 8000+ signatures available (with continuous updates) via the IDS update subscription from ClearCenter (app available in the Marketplace).

Documentation for this app can be found here.
Developer
OrganizationClearFoundation
ContactClearFoundation Development Team
Emaildeveloper@clearfoundation.com
Websitehttp://www.clearfoundation.com
Screenshots


Suggested Apps

Users who installed this app also installed the following apps.

Intrusion Prevention
Intrusion Prevention   * * * * -

The Intrusion Prevention app is a plugin to the Intrusion Detection system. The service dynamically creates firewall rules (iptables) to block IP packets if a packet stream matches a known attack signature. Signatures are provided by the intrusion detection app, containing over 1000 known attack vectors. An additional 8,000-10,000 signatures are available (and continually updated) via the IDS update subscription from ClearCenter (app available in the Marketplace).

Intrusion Protection Updates
Intrusion Protection Updates   * * * * -

Intrusion Protection takes an active role at the edge of your network. It detects attempts to gain access to your system by known exploits and then pro-actively firewalls your server from the perpetrator. Having additional attack vector signatures in additional to continual updates is essential in deploying a security perimeter for your network. The Intrusion Protection Signatures and Updates app provides over 12,000 additional signatures and continual weekly updates.

ClearCenter Remote Security Audit
ClearCenter Remote Security Audit   * * * * -

Remote Security Audit is a service for system administrators to limit the damage potential of corrupted or tampered system files. Reviewed on a regular basis, the audit can quickly notify an admin so damage control measures can be taken in a timely manner. The audit notification (sent from ClearCenter's SDN cloud service) is essentially tamperproof against a malicous attacker covering the intrusion due to the creation of a unique audit hash which is stored in the cloud and compared against on subsequent audits.

Other Apps and Services by Developer
IP Settings
IP Settings   * * * * -

An app providing administrators with the ability to configure the most common network tasks. Depending on the number of physical Network Interface Cards (NIC) present in your server, the server can be configured in standalone (1 NIC) or gateway (2+ NICs) mode. In addition to basic NIC settings like type (DSL, Ethernet etc.), role (external, LAN) etc., DNS server settings and virtual interfaces can be configured.

OpenVPN
OpenVPN   * * * * -

The OpenVPN app is a server-side implementation of the OpenVPN protocol. This versatile protocol makes it ideal for either client to server or server to server VPN tunnels using TCP or UDP.

Multi-WAN
Multi-WAN   * * * * -

The multi-WAN feature in ClearOS allows you to connect your system to multiple Internet connections. Multi-WAN offers many benefits to environments requiring a reliable connection to the Internet, including load balancing, packet segregation and automatic failover. The use of this app requires a minimum of two ISP connections to the Internet and three (3) Network Interface Cards (NIC) on this server. Please note, this app does not provide bandwidth aggregation (aka bonding).

Intrusion Prevention
Intrusion Prevention   * * * * -

The Intrusion Prevention app is a plugin to the Intrusion Detection system. The service dynamically creates firewall rules (iptables) to block IP packets if a packet stream matches a known attack signature. Signatures are provided by the intrusion detection app, containing over 1000 known attack vectors. An additional 8,000-10,000 signatures are available (and continually updated) via the IDS update subscription from ClearCenter (app available in the Marketplace).

Administrators
Administrators   - - - - -

An Access Control List (ACL) allowing an administrator (root) to grant sub-administrator access to specific configuration pages within webconfig on a per user basis.

 
ABOUT THIS APP
RATING:
* * - - -
PACKAGE NAME:
app-intrusion-detection
LATEST VERSION:
1.5.15-1
RELEASE DATE:
January 17, 2014
SOFTWARE REPOSITORY:
clearos-updates
COST:
FREE
CATEGORY:
Gateway
TAGS:
IPS IDS PROTECTION MALWARE NETWORK ATTACK VECTORS PERIMETER SECURITY
LICENSE:
GPL
LIBRARY LICENSE:
LGPL
INTRODUCED TO MARKETPLACE:
July 13, 2012
 
TryBuy