Marketplace Gateway Intrusion Detection

Intrusion Detection

The Intrusion Detection app is the cornerstone of security for any size network. The app uses the highly regarded Snort engine to perform real-time traffic analysis and packet logging on Internet Protocol (IP) networks. The app can help identify, log and stop (using the IPS plugin) external attack vectors targeting the network (fingerprinting, buffer overflows, brute force authentication etc.). The app contains over 1000 known attack vector signatures with another 8000+ signatures available (with continuous updates) via the IDS update subscription from ClearCenter (app available in the Marketplace).

Documentation for this app can be found here.
Developer
OrganizationClearFoundation
ContactClearFoundation Development Team
Emaildeveloper@clearfoundation.com
Websitehttp://www.clearfoundation.com
Screenshots


Suggested Apps

Users who installed this app also installed the following apps.

Intrusion Prevention
Intrusion Prevention   * * * * -

The Intrusion Prevention app is a plugin to the Intrusion Detection system. The service dynamically creates firewall rules (iptables) to block IP packets if a packet stream matches a known attack signature. Signatures are provided by the intrusion detection app, containing over 1000 known attack vectors. An additional 8,000-10,000 signatures are available (and continually updated) via the IDS update subscription from ClearCenter (app available in the Marketplace).

Intrusion Protection Updates
Intrusion Protection Updates   * * * * -

Intrusion Protection takes an active role at the edge of your network. It detects attempts to gain access to your system by known exploits and then pro-actively firewalls your server from the perpetrator. Having additional attack vector signatures in additional to continual updates is essential in deploying a security perimeter for your network. The Intrusion Protection Signatures and Updates app provides over 12,000 additional signatures and continual weekly updates.

ClearCenter Remote Security Audit
ClearCenter Remote Security Audit   * * * * -

Remote Security Audit is a service for system administrators to limit the damage potential of corrupted or tampered system files. Reviewed on a regular basis, the audit can quickly notify an admin so damage control measures can be taken in a timely manner. The audit notification (sent from ClearCenter's SDN cloud service) is essentially tamperproof against a malicous attacker covering the intrusion due to the creation of a unique audit hash which is stored in the cloud and compared against on subsequent audits.

Other Apps and Services by Developer
PPTP VPN
PPTP VPN   * * * * -

The PPTP VPN app is a server-side implementation of the PPTP protocol. It is primarily used for client-server VPN tunnels (as opposed to server-server). The main advantages of this protocol are ease of use and low cost as the client-side software is built into all Windows OS, in addition to free clients for Mac and Linux distributions. Along with the advantages, it should be stated that the PPTP protocol is the weakest in security of all the main VPN protocols (IPSec, OpenVPN, L2P). The protocol splits traffic into control and data streams, and passes all control packets across the network without any encryption. The result is that PPTP is vulnerable to attack or hijacking and known breeches in security using this protocol have been demonstrated.

Mail Settings
Mail Settings   - - - - -

The Mail Settings app provides the necessary tools to manage core mail functionality.

Shell Extension
Shell Extension   - - - - -

The Shell Extension is a account-manager extension that allows an administrator to assign shell access (and type) to user accounts via the user manager app. Giving users shell access to the server is not typically recommended unless the user has a role in administering the server or services (eg. Apache web server) that reside on it. Another typical use case that can enhance security is to disable root logins, forcing users with privileged shell access to login by username.

OpenVPN
OpenVPN   * * * * -

The OpenVPN app is a server-side implementation of the OpenVPN protocol. This versatile protocol makes it ideal for either client to server or server to server VPN tunnels using TCP or UDP.

AppleTalk Server
AppleTalk Server   - - - - -

The AppleTalk Server provides file management and storage using the AFP suite of protocols. This is useful for using the Time Machine feature if you have a Mac OS X client computer.

  
ABOUT THIS APP
RATING:
* * * * -
LATEST VERSION:
1.1.0-1
RELEASE DATE:
July 31, 2012
SOFTWARE REPOSITORY:
clearos
COST:
FREE
CATEGORY:
Gateway
TAGS:
IPS IDS PROTECTION MALWARE NETWORK ATTACK VECTORS PERIMETER SECURITY
LICENSE:
GPL
LIBRARY LICENSE:
LGPL
INTRODUCED TO MARKETPLACE:
July 13, 2012
 
TryBuy